diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 568f6d9..804d33e 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -286,6 +286,9 @@ "BORON", "BRONZE MAYFAIR", "Red Sylvan" + ], + "targeted-sector": [ + "Political party" ] }, "related": [ @@ -502,6 +505,14 @@ "G0001", "Axiom", "HELIUM" + ], + "targeted-sector": [ + "Defense", + "Intelligence", + "Technology", + "Mining", + "Government, Administration", + "Justice" ] }, "related": [ @@ -558,6 +569,13 @@ "PLA Navy", "Wekby", "G0026" + ], + "targeted-sector": [ + "Aerospace", + "Defense", + "Health", + "High tech", + "Telecoms" ] }, "related": [ @@ -639,6 +657,11 @@ "G0073", "Pupa", "Sunshop Group" + ], + "targeted-sector": [ + "Technology", + "Finance", + "Non-profit organisation" ] }, "related": [ @@ -819,6 +842,10 @@ "G0030", "Red Salamander", "Lotus BLossom" + ], + "targeted-sector": [ + "Military", + "Government, Administration" ] }, "related": [ @@ -843,6 +870,10 @@ "https://www.crowdstrike.com/blog/crowdstrike-discovers-use-64-bit-zero-day-privilege-escalation-exploit-cve-2014-4113-hurricane-panda/", "https://www.crowdstrike.com/blog/storm-chasing/", "https://www.crowdstrike.com/blog/cyber-deterrence-in-action-a-story-of-one-long-hurricane-panda-campaign/" + ], + "targeted-sector": [ + "Technology", + "Telecoms" ] }, "uuid": "0286e80e-b0ed-464f-ad62-beec8536d0cb", @@ -915,6 +946,11 @@ "G0027", "Iron Taurus", "Earth Smilodon" + ], + "targeted-sector": [ + "Technology", + "Government, Administration", + "Defense" ] }, "related": [ @@ -1023,6 +1059,10 @@ "refs": [ "https://www.cfr.org/interactive/cyber-operations/hellsing", "https://securelist.com/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/69567/" + ], + "targeted-sector": [ + "Infrastructure", + "Diplomacy" ] }, "uuid": "af482dde-9e47-48d5-9cb2-cf8f6d6303d3", @@ -1142,6 +1182,15 @@ "ANCHOR PANDA", "QAZTeam", "ALUMINUM" + ], + "targeted-sector": [ + "Other", + "Aerospace", + "Defense", + "Intelligence", + "Maritime", + "Military", + "Space" ] }, "related": [ @@ -1262,6 +1311,13 @@ "RedFoxtrot", "Red Wendigo", "PLA Unit 69010" + ], + "targeted-sector": [ + "Other", + "Maritime", + "Military", + "Government, Administration", + "Telecoms" ] }, "uuid": "32c534b9-abec-4823-b223-a810f897b47b", @@ -1494,6 +1550,12 @@ "MAGNESIUM", "admin@338", "G0018" + ], + "targeted-sector": [ + "Activists", + "Trade", + "Finance", + "Political party" ] }, "related": [ @@ -1534,6 +1596,10 @@ "BRONZE HOBART", "G0081", "Red Orthrus" + ], + "targeted-sector": [ + "Military", + "Government, Administration" ] }, "uuid": "7f16d1f5-04ee-4d99-abf0-87e1f23f9fee", @@ -1723,6 +1789,13 @@ "Group 83", "NewsBeef", "G0058" + ], + "targeted-sector": [ + "Defense", + "Diplomacy", + "Military", + "Technology", + "Government, Administration" ] }, "related": [ @@ -1893,6 +1966,11 @@ "synonyms": [ "Group 42", "VOYEUR" + ], + "targeted-sector": [ + "Opposition", + "Dissidents", + "Political party" ] }, "uuid": "2e77511d-f72f-409e-9b64-e2a15efe9bf4", @@ -1943,6 +2021,14 @@ "Operation Woolen-Goldfish", "Thamar Reservoir", "Timberworm" + ], + "targeted-sector": [ + "Activists", + "Defense", + "Journalist", + "Research - Innovation", + "Academia - University", + "Government, Administration" ] }, "related": [ @@ -2066,6 +2152,13 @@ "TG-2889", "Cobalt Gypsy", "G0003" + ], + "targeted-sector": [ + "Defense", + "Energy", + "Technology", + "Government, Administration", + "Academia - University" ] }, "related": [ @@ -2291,6 +2384,11 @@ "UAC-0028", "FROZENLAKE", "Sofacy" + ], + "targeted-sector": [ + "Military", + "Government, Administration", + "Security Service" ] }, "related": [ @@ -2383,6 +2481,10 @@ "Blue Kitsune", "ITG11", "BlueBravo" + ], + "targeted-sector": [ + "Think Tanks", + "Government, Administration" ] }, "related": [ @@ -2511,6 +2613,13 @@ "Blue Python", "SUMMIT", "UNC4210" + ], + "targeted-sector": [ + "Government, Administration", + "Education", + "Electric", + "Energy", + "Health" ] }, "related": [ @@ -2599,6 +2708,9 @@ "ITG15", "BROMINE", "Blue Kraken" + ], + "targeted-sector": [ + "Energy" ] }, "related": [ @@ -2675,6 +2787,11 @@ "IRIDIUM", "Blue Echidna", "FROZENBARENTS" + ], + "targeted-sector": [ + "Electric", + "Energy", + "Industrial" ] }, "related": [ @@ -2833,6 +2950,11 @@ "Team Bear", "Anger Bear", "IRON LYRIC" + ], + "targeted-sector": [ + "Activists", + "Intelligence", + "Government, Administration" ] }, "related": [ @@ -11526,5 +11648,5 @@ "value": "MoustachedBouncer" } ], - "version": 279 + "version": 281 }