Spying unit is widening its operations into aerospace and defence industries, according to US security firm
An increasingly sophisticated North Korean cyber-espionage unit is using its skills to widen spying operations to aerospace and defence industries, a new study has revealed.
FireEye, a US private security company that tracks cyber-attackers around the world, has identified a North Korean group, which it names APT3 7( Reaper) and which it says is employing malware to infiltrate computer networks.
The report suggests different groups has been active since 2012, but has now graduated to the level of an advanced persistent threat.
Until now, the group has substantially focused its cyber-espionage efforts on South Korea, but FireEye outlines evidence that it” has expanded its operations in both scope and sophistication “.
” We assess with high confidence that this activity is carried out on behalf of the Northern korean government ,” the report says.
The group’s cyber operation is now said to be targeting Japan, Vietnam and the Middle East and is attempting to steal secrets from companies and organisations involved in the chemical, electronics, manufacturing, aerospace, automotive and healthcare industries.
” We judge that APT3 7′ s primary mission is covert intelligence gathering in support of North Korea’s strategic, military, political and economic interests ,” the report says.
The report arrives after months of increasingly hot rhetoric between Kim Jong-un and Donald Trump amid US fears that North Korea is its biggest threat, as Pyongyang makes progress in developing a nuclear warhead and ballistic missile system capable of hitting the US mainland.
The scale of North Korea’s cyber-espionage endeavor was outlined in 2015 when South Korea claimed the north’s” cyber army” had doubled in size to more than 6,000 people.
In December last year, it was suggested the UK and US may have launched retaliatory cyber-attacks against North Korea. The UK and the Trump administration blamed North Korea for the WannaCry malware attacks which brought chaos to hospitals, banks and other companies in May 2017.