Spying unit is widening its operations into aerospace and defence industries, according to US security firm
An increasingly sophisticated North Korean cyber-espionage unit is using its abilities to widen snooping operations to aerospace and defence industries, a new survey has revealed.
FireEye, a US private security company that tracks cyber-attackers around the world, has identified a North Korean group, which it names APT3 7( Reaper) and which it says is utilizing malware to infiltrate computer networks.
The report indicates the group has been active since 2012, but has now graduated to the level of an advanced persistent threat.
Until now, the group has substantially focused its cyber-espionage endeavours on South Korea, but FireEye outlines evidence that it” has expanded its operations in both scope and sophistication “.
” We assess with high confidence that this activity is carried out on behalf of the Northern korean government ,” the report says.
The group’s cyber operation is now said to be targeting Japan, Vietnam and the Middle East and is striving to steal secrets from companies and organisations involved in the chemical, electronics, manufacturing, aerospace, automotive and healthcare industries.
” We judge that APT3 7′ s primary mission is covert intelligence gathering in support of North Korea’s strategic, military, political and economic interests ,” the report says.
The report comes after months of increasingly hot rhetoric between Kim Jong-un and Donald Trump amid US fears that North Korea is its biggest threat, as Pyongyang makes progress in developing a nuclear warhead and ballistic missile system capable of reaching the US mainland.
The scale of North Korea’s cyber-espionage endeavour was outlined in 2015 when South Korea claimed the north’s” cyber army” had doubled in sizing to more than 6,000 people.
In December last year, it was suggested the UK and US may have launched retaliatory cyber-attacks against North Korea. The UK and the Trump administration blamed North Korea for the WannaCry malware attacks which brought chaos to hospitals, banks and other companies in May 2017.