Tue, Feb 27, 2018 - Page 14 News List

North Korean hacking group grows into global threat
北韓駭客組織升級為全球威脅

On May 15, last year officials at the Korea Internet and Security Agency in Seoul, South Korea watch electronic screens to monitor possible ransomware cyberattacks.
韓國互聯網振興院人員,去年五月十五日看螢幕監控可能會發生的勒索軟體型網路攻擊。

Photo: AP
照片:美聯社

North Korean cyber-spy group “Reaper” is emerging as a global threat, conducting espionage well beyond the Korean peninsula in support of Pyongyang’s military and economic interests, says US cybersecurity firm FireEye Inc.

The group, known also as APT37, in 2017 began attacking targets in Japan, Vietnam and the Middle East after having focused on its southern neighbor for years, FireEye said in a report. The hacking group — traced to an IP address in North Korea — now infiltrates a range of industries from electronics and aerospace to automotive and health care, the cybersecurity firm said.

Reaper joins a growing list of hacking units linked to Kim Jong-un’s regime, including “Lazarus,” which the US blamed for a 2014 data theft at Sony Pictures Entertainment. North Korea has been widening its cyber-operations in pursuit of cash and intelligence in an attempt to cushion the impact of international sanctions, and Reaper underscores the challenge in fending them off.

Reaper has been active since at least 2012, and typically sends its targets e-mails laced with malware to steal confidential information. Its targets have included a Middle Eastern telecommunications company doing business in North Korea, a Japan-based entity associated with a United Nations group on sanctions and the general director of a Vietnamese trading company, FireEye said, declining to name the victims.

“North Korea appears to be confident about hacking South Korea and now wants to look beyond,” said Shin Jin, a professor of political science at South Korea’s Chungnam National University. “Foreign nations are an unexplored market and many of them have security infrastructure weaker than South Korea.”

TODAY’S WORDS
今日單字

1. ransomware n.

勒索軟體

(le4 suo3 ruan2 ti3)

2. cyberattack n.

網路攻擊

(wang3 lu4 gong1 ji2)

3. cybersecurity n.

網路安全

(wang3 lu4 an1 quan2)

4. hacking group phr.

駭客組織

(hai4 ke4 zu3 zhi1)

5. infiltrate v.

滲透 (shen4 tou4)

6. target n.

攻擊目標

(gong1 ji2 mu4 biao1)

7. malware n.

惡意軟體

(e4 yi4 ruan2 ti3)

8. confidential information phr.

機密資訊

(ji1 mi4 zi1 xun4)

9. infrastructure n.

基礎建設

(ji1 chu3 jian4 she4)

10. vulnerability n.

漏洞 (lou4 dong4)


The group came under FireEye’s scrutiny when South Korea warned last month about a security vulnerability in Adobe Flash. A developer believed to belong to Reaper made the mistake of revealing his or her North Korean IP address, John Hultquist, FireEye’s director of intelligence analysis said. It’s unclear how large the group is, he added. “Ignored, these threats enjoy the benefit of surprise, allowing them to extract significant losses on their victims, many of whom have never previously heard of the actor,” FireEye said in an emailed statement.

(Bloomberg)

美國網路安全公司火眼指出,北韓網路間諜組織「死神」為了平壤的軍事與經濟利益,進行間諜情報的活動範圍已遠遠超出朝鮮半島,逐漸浮現成為全球性的威脅。

火眼公司在報告中表示,這個組織又以「APT37」為人所知,數年來皆針對南韓發動網路攻擊,然而該組織卻從二○一七年開始攻擊位於日本、越南、以及中東地區等地的目標。網路安全公司火眼的報告指出,此駭客組織──其網際網路協定位址(IP地址)可追溯到北韓境內──現在已滲透到許多產業中,範圍包括電子業和航太工業,以至於汽車產業與健康照護產業。

「死神」被歸類為與金正恩政權密切相關的多組駭客團隊之一,該名單內的成員不斷增加,其中名為「拉撒路」的團隊被美國認為是二○一四年索尼影視娛樂公司資料遭竊的幕後黑手。近年來,北韓持續擴展他們的網路攻擊行動範圍,為的是籌措更多現金與情報資訊,以減緩國際制裁帶來的衝擊,而「死神」的行動恰恰強調出北韓這類為抵禦國際制裁而帶給各國的挑戰。

「死神」至少從二○一二年開始就已展開活動,最典型的手段是將攜帶惡意軟體的電子郵件寄給攻擊目標,以竊取機密資訊。火眼公司表示,「死神」歷來鎖定的攻擊目標包括一間在北韓從事商業活動的中東電信公司、一間成立於日本並與聯合國某個制裁北韓組織相關的公司實體,以及一間越南貿易公司的總經理,不過火眼公司拒絕提出明確的受害者名單。

南韓忠南國立大學政治學系教授申進(音)表示:「北韓看起來對於向南韓發動駭客攻擊已經胸有成竹,所以現在想要向外尋找其它目標。」他也指出:「外國對北韓而言就像是未經開發的市場,而且其中多數國家的網路安全基礎建設都比南韓差。」

南韓在上個月曾經提出警告,指出常見的多媒體程式播放器 Adobe Flash 有某項安全漏洞,北韓的駭客集團就在此時被火眼公司盯上。火眼公司情報分析主任霍奎斯特表示,一位據信隸屬於「死神」團隊的程式開發人員不小心洩漏了他/她在北韓的網際網路協定位址。霍奎斯特補充說,目前並無法確知這個駭客集團的規模有多大。不過,火眼公司以電子郵件發送的聲明稿中提到:「由於長期不為人所知,這些安全威脅便得以攻人於不備,造成受害者極為嚴重的損失,而許多受害者甚至之前從來都沒有聽過這個駭客團隊的名號。」

(台北時報章厚明譯)

Follow up

課後練習

Reading Comprehension

1. In addition to stealing military secrets, Reaper is also engaged in industrial espionage.

This story has been viewed 3532 times.

Comments will be moderated. Keep comments relevant to the article. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned. Final decision will be at the discretion of the Taipei Times.

TOP top