Time
21 minutes
Difficulty
Intermediate
CEU/CPE
1

Video Transcription

00:00
Hello, everyone. I'm instructor Gerry Roberts, and this is Introduction to APT Groups.
00:07
In this video, we're gonna talk about how APT groups are tracked, and we're gonna look at some current APT groups to watch.
00:16
So first, how are APT groups tracked?
00:20
Well, typically, they're tracked by the government or some sort of security organization.
00:25
Groups are typically given a number, and then that is shared between those who track those groups.
00:32
For example, there's a group known as Reaper
00:36
that is also known as APT37 or Group 37.
00:42
Current groups to watch.
00:44
So there are a couple of groups listed here. There are four of them. It's a short list of common actors.
00:49
The idea is to give you an example of current actors and what groups might look like.
00:55
Of course, always stay up to date on the threats that might impact you and your business.
01:03
So the first couple groups. Angler EK. Now, that may sound familiar because you might be familiar with the Angler attack kit.
01:11
So, this group used that kit with drive-by downloads in order to target random businesses and companies.
01:19
They're originally from the former USSR and were established in about 14 4015. Their motivation is financial gain.
01:30
The next group is known as Black Vine. They were established around 2012
01:34
and they're from around Beijing. We're not 100% sure exactly where, but we know it's somewhere around Beijing.
01:42
They use a couple different types of attacks. They use zero-day exploits, watering hole attacks, custom-developed malware such as Hurix, Sakurel and Mivast.
01:53
And they usually target aerospace, energy and healthcare organizations.
01:59
Their key motivation is cyber espionage.
02:05
Another couple groups. Butterfly.
02:07
Butterfly was established in 2012 and is primarily from China.
02:13
They use zero-day exploits
02:15
and custom-developed malware
02:17
such as OSX.Pintsized
02:22
and Backdoor.Jiripbot,
02:25
so you can see by the name of some of their malware, they also attack Mac systems in addition to your normal attacks on Windows and Linux systems.
02:38
Now their targets have actually been quite large. They've targeted Twitter, Facebook, Apple, Microsoft, and all of these they were able to compromise somewhere around 2013, early in the year.
02:51
They've also expanded into pharmaceutical, technology, law practices, oil, precious metal mining organizations, anywhere they can find some financial gain.
03:01
Their primary motivation has been financial gain and cyber espionage.
03:07
Dragonfly.
03:09
This group was established around 2011.
03:13
They're from around Eastern Europe.
03:15
They typically use spam email, watering hole attacks, and they've made their own custom malware tools.
03:23
The Trojan.Karagany and the Backdoor.Oldrea.
03:29
Their targets have been defense and aviation in the U.S. and Canada,
03:34
and now they've moved to target some European energy firms as well.
03:38
Their motivation has been cyber espionage, specifically spying and sabotage.
03:46
It's time for our post assessment question.
03:50
How are APT groups typically classified?
03:53
Are they classified by their threat level,
03:55
their group number or name,
03:58
their location
03:59
or their number of members?
04:01
I'll give you a moment to think on that one. You could also pause the video if you would like, and we'll come back to the answer in a moment.
04:12
That answer is B, group number or name. Typically, APT groups are classified by their name or their group number.
04:21
So when you go to look for information on them, you can find it quite easily by the name. Or, if you know their group number, you could find it by group number.

APT Group Fundamentals

In this course, you will learn the fundamentals of Advanced Persistent Groups, and the delineation between them in comparison to popular threat vectors in the security space. This course will cover common characteristics and attack patterns of APT groups, so that you can understand the threats associated.

Instructed By

Gerrianne Roberts
Professor, Network Engineering Technology
Instructor