Spying unit is widening its operations into aerospace and defence industries, according to US security firm
An increasingly sophisticated North Korean cyber-espionage unit is using its skills to widen snooping operations to aerospace and defence industries, a new study has revealed.
FireEye, a US private security company that tracks cyber-attackers around the world, has identified a North Korean group, which it names APT3 7( Reaper) and which it says is using malware to infiltrate computer networks.
The report indicates the group has been active since 2012, but has now graduated to the level of an advanced persistent threat.
Until now, different groups has substantially focused its cyber-espionage endeavors on South Korea, but FireEye outlines evidence that it” has expanded its operations in both scope and sophistication “.
” We assess with high confidence that this activity to be undertaken on behalf of the Northern korean government ,” research reports says.
The group’s cyber operation is now said to be targeting Japan, Vietnam and the Middle East and is attempting to steal secrets from companies and organisations involved in the chemical, electronics, manufacturing, aerospace, automotive and healthcare industries.
” We judge that APT3 7′ s primary mission is covert intelligence gathering in support of North Korea’s strategic, military, political and economic interests ,” the report says.
The report arrives after months of increasingly hot rhetoric between Kim Jong-un and Donald Trump amid US fears that North Korea is its biggest threat, as Pyongyang makes progress in developing a nuclear warhead and ballistic missile system capable of reaching the US mainland.
The scale of North Korea’s cyber-espionage endeavour was outlined in 2015 when South Korea claimed the north’s” cyber army” had doubled in size to more than 6,000 people.
In December last year, it was suggested the UK and US may have launched retaliatory cyber-attacks against North Korea. The UK and the Trump administration blamed North Korea for the WannaCry malware attacks which brought chaos to hospitals, banks and other companies in May 2017.