Cyber Threat Actors
North Korean Reconnaissance General Bureau 3rd Bureau
North Korea's Reconnaissance General Bureau (RGB) 3rd Bureau is reported by the FBI and other international agencies as an entity based in ...
Hainan Xiandun Technology Development Company
According to the US Department of Justice, Hainan Xiandun Technology Development Co. Ltd (Hainan Xiandun) was established as a front company by ...
People’s Liberation Army (PLA) Unit 69010
According to analysis by Recorded Future, Unit 69010 is likely the Military Unit Cover Designator (MUCD) for a Technical Reconnaissance Bureau ...
Hainan State Security Department
According to the US Department of Justice, Hainan State Security Department (HSSD) is a provincial arm of China’s Ministry of State Security ...
NTC Vulkan
NTC Vulkan is a Russian cybersecurity consultancy, identified as a key player in enhancing Russia's cyberwarfare capabilities. It develops ...
Chengdu 404
Chengdu 404, or Chengdu 404 Network Technology is a PRC (People's Republic of China) company which has been identified by the US justice ...
Wuhan Xiaoruizhi Science and Technology Company Limited
According to the US and UK governments, Wuhan Xiaoruizhi Science and Technology Company, Limited (Wuhan XRZ) is a front company for China's ...
North Korean Ministry of State Security (MSS)
According to researchers at Mandiant, the Democratic People’s Republic of Korea’s (DPRK) Ministry of State Security (MSS) is the sponsor of parts ...
North Korean Reconnaissance General Bureau
According to the US government, the Reconnaissance General Bureau (RGB) is a military intelligence agency of the Democratic People’s Republic of ...
The DaVinci Group
According to public reporting, The DaVinci Group is the real world threat actor behine the UAC-0050 intrusion set. The DaVinci Group are ...
Intellexa
Intellexa, or the Intellexa Alliance, is reportedly a consortium of companies which has a corporate presence in the EU and provides cyber- ...
i-SOON
According to public reporting, i-SOON is a Chinese cyber security company which develops malware and carries out cyber espionage operations on ...
Russian Central Scientific Research Institute of Chemistry (CNIIHM)
The Central Scientific Research Institute of Chemistry (CNIIHM) is identified by FireEye intelligence as 'a Russian government-owned technical ...
IRGC-Intelligence Organisation
Some cyber security vendors (including Sekoia.io) attribute a subset of Iranian threat actors to the Islamic Revolutionary Guard Corps - ...
Islamic Revolutionary Guard Corps (IRGC)
The Islamic Revolutionary Guard Corps (IRGC) is a branch of the Iranian Armed Forces which has been designated as a terrorist organisation by US ...
Chinese Ministry of State Security
The Chinese Ministry of State Security (MSS) has been linked by CISA and other agencies to multiple cyber APTs (Advanced Persistent Threats). CISA ...
Guangzhou Boyu Information Technology Company (Boyusec)
Guangzhou Boyu Information Technology Company, known as Boyusec, is a Chinese company based in Guangzhou with reported links to the Chinese ...
People’s Liberation Army (PLA) Unit 78020
The Chinese People’s Liberation Army’s (PLA) Chengdu Military Region Second Technical Reconnaissance Bureau, or PLA Unit 78020, was identified by ...
People’s Liberation Army (PLA) Unit 65017
PLA Unit 65017 was identified by FireEye as the Chinese cyber threat actor potentially behind the Tonto Team intrusion set.
People’s Liberation Army (PLA) Unit 61486
In June 2014, CrowdStrike researchers identified Chinese PLA 3rd Department 12th Bureau Unit 61486 as the threat actor likely to be behind the ...
People’s Liberation Army (PLA) Unit 61398
PLA 61398's full title is China's 2nd Bureau of the People's Liberation Army (PLA) General Staff Department's (GSD) 3rd Department (Military Cover ...
FSB Center 18
FSB Center 18 is a unit within the FSB, Russia's Intelligence Services. The UK and the US have linked Center 18 to intrusion sets tracked as ...
FSB Center 16
FSB Center 16's full title is Center for Radio-Electronic Intelligence by Means of Communication and it is also known as Military Unit 71330. The ...
GRU Unit 26165
GRU Unit 26165 is also known as the 85th Main Special Service Center (GTsSS). GTsSS has been publicly attributed as the threat actor behind APT28 ...
GRU - Russian Main Directorate of the General Staff
The GRU is Russia's military intelligence agency. GRU officers have been indicted for multiple cyber related offences including NotPetya (2017), ...
GRU Unit 74455
GRU Unit 74455's full title is the Main Center of Special Technologies (GTsST). As a cyber adversary, they have operated since 2009 widely ...
SVR - Russian Foreign Intelligence Service
The SVR, Russia's civilian foreign intelligence service, is the successor to the KGB's First Chief Directorate. CISA report that SVR has been ...
FSB - Russian Federal Security Service
The FSB (Russia's Federal Security Service) is the successor to the KGB. The FSB's primary responsibilities are within Russia and include counter- ...
Russian Federation Central Scientific Research Institute of Chemistry and Mechanics (TsNIIKhM)
According to the US government, the Russian Federation Central Scientific Research Institute of Chemistry and Mechanics, or TsNIIKhM, is linked to ...