Cybersecurity Firm Shines Light On North Korean Hackers Hiding In The Shadows

Ryan Pickrell, China/Asia Pacific Reporter, Daily Caller News Foundation

A previously unknown North Korean hacking group is emerging as a serious threat to global security, according to a report from a leading cybersecurity firm.

Analysts with the California-based cybersecurity firm FireEye report that the rogue regime in North Korea is strengthening its cyber warfare capabilities and stands ready to launch large-scale, devastating cyberattacks.

Most cyberattacks attributed to North Korea, such as the Sony Pictures hack, the WannaCry ransomware attack, and a cyber bank heist at the Federal Reserve Bank of New York, are believed to have been carried out by a hacker group known as Lazarus. It has now come to light that North Korea has another cyber warfare unit, APT37 (Reaper), which is dedicated to conducting espionage and is clearly “expanding in scope and sophistication,” adding to North Korea’s cyberspace capabilities, FireEye reports.

Reaper has been using spear phishing attacks and malware to infiltrate systems in South Korea, as well as those in Japan, Vietnam, and parts of the Middle East. “We assess with high confidence that this activity is carried out on behalf of the North Korean government,” the cybersecurity firm argues in its new report.

“They’ve laid low on the radar for a long time,” John Hultquist, director of intelligence analysis for FireEye, told Bloomberg. “Ignored, these threats enjoy the benefit of surprise, allowing them to extract significant losses on their victims, many of whom have never previously heard of the actor,” he said, adding, “We expect very aggressive activity in the near future.”

The Reaper group has reportedly been active since 2012, covertly spying on the South Korean government and military, as well as local media. But it has started targeting major companies in key industries, such as electronics, aerospace, healthcare, chemicals, automotive, and manufacturing. North Korea’s cyber warriors have reportedly exploited key vulnerabilities in systems at major multinational companies. The shadowy group has been labeled an “advanced persistent threat.”

“We are talking multinationals, they have offices all over the world,” Hultquist explained to CNN Money. “Companies like that, any effect can reverberate, because it is global already.”

Surprise attacks in cyberspace are a growing concern, according to the U.S. intelligence community’s recently released World Threat Assessment. “Pyongyang probably has a number of techniques and tools it can use to achieve a range of offensive effects with little or no warning, including distributed denial of service attacks, data deletion, and deployment of ransomware,” the report states.

As other North Korean hacking groups like Lazarus started as espionage units, it is possible that Reaper could launch massive, destructive global attacks against a number of international targets.

North Korea’s cyber warfare capabilities have been a concern for years. While most of the country does not have access to the internet and North Korea struggles to provide power to most of its population, the country has invested its scarce resources into bolstering its asymmetric warfare options in cyberspace.

“While I would not characterize [the North Koreans] as the best in the world, they are among the best in the world and the best organized,” Army Gen. Vincent Brooks, commander of U.S. Forces Korea, told the Senate in 2016. The famously dark satellite images of North Korea at night are often misleading. These images are a testament to North Korea’s willingness to deprive its citizens of basic necessities, not an indication of limited capabilities.
