The names sound cuddly: "Magic Kitten," "Numbered Panda," "Energetic Bear."
But these names were given to some of the most dangerous hacker groups as noted by security firm, CrowdStrike, in its 2013 Global Threat Report. Not only are these groups far from cute, some have ties to nationalist activist groups and are specifically seeking data on corporate America.
Many of the hacker groups specifically sought access to information from U.S. corporate networks, according to the report. "The U.S. is the most innovative country in the world and these other organizations, these other nations, recognize that. By stealing that technology they're able to provide their corporations much more competitive advantage," said Shawn Henry, president of CrowdStrike Services and a retired FBI official.
Here are the groups CrowdStrike researched. The global threat report was released last week:
A China-based group called "Emissary Panda" engaged in what CrowdStrike calls strategic Web compromise. This kind of attack occurs when hackers use an industry website to gain a foothold into individual companies. For example, if a group wanted to access energy companies, they might attack an energy trade group and post a malicious file. If individuals who work for energy companies download the file, the hackers get access to their networks.
"Emissary Panda" was very active during the last three months of 2013 and targeted the defense and technology sectors around the world, according to CrowdStrike.
Also with roots in China, "Numbered Panda" exploited individuals exposed to the G-20 Summit in Russia. The hackers are believed to have sent phishing emails that contained malicious attachments.
"Numbered Panda" and "Emissary Panda" show hacker groups are focused on infiltrating U.S. companies, Henry said. At the same time, other nations beyond China have active cybergroups. Various hacker groups outside China are "using their capabilities and technology because they recognize the value of the information that is contained on U.S. networks," Henry said.
"Energetic Bear" is an example of the cyberthreat from Russia. CrowdStrike believes this group focuses on mining data from U.S. energy firms.
While Russian hackers have targeted government networks for years, Russian hackers' focus on commercial businesses including energy is a substantial development, Henry said.
"Magic Kitten" is a hacking group that appears to come from Iran. According to Crowdstrike, this group targets political dissidents in Iran. This group is believed to have existed since 2009 and its most recent attacks were in November 2013.
"Deadeye Jackal" is the CrowdStrike name for the Syrian Electronic Army, a political activist group that is sympathetic to Syrian President Bashar Assad, according to CrowdStrike.
This group gained media attention when it hacked into the Associated Press' Twitter account last year and claimed there were explosions at the White House. "They targeted the U.S. media because they didn't think they were being given a fair shake in the media. By launching these attacks, they looked to promote their social cause," Henry said. Since the AP attack, the Syrian Electronic Army has targeted media and technology companies.
With law enforcement of cybercrime generally weak, criminals see cybercrime as high reward with little risk. Henry says governments need to make it more difficult and costly for cyberthieves to nab data and infiltrate ecosystems.
This article originally appeared in CNBC.
Read more at CNBC:
Top 2013 cybersecurity stories and what to watch for in 2014
Markets sink briefly on fake AP terror tweet
Milken to Madoff: scandals that changed the world