North Korean cyber-spy group “Reaper” is emerging as a global threat, conducting espionage well beyond the Korean peninsula in support of Pyongyang’s military and economic interests, says US cybersecurity firm FireEye Inc.
The group, known also as APT37, in 2017 began attacking targets in Japan, Vietnam and the Middle East after having focused on its southern neighbor for years, FireEye said in a report. The hacking group — traced to an IP address in North Korea — now infiltrates a range of industries from electronics and aerospace to automotive and health care, the cybersecurity firm said.
Reaper joins a growing list of hacking units linked to Kim Jong-un’s regime, including “Lazarus,” which the US blamed for a 2014 data theft at Sony Pictures Entertainment. North Korea has been widening its cyber-operations in pursuit of cash and intelligence in an attempt to cushion the impact of international sanctions, and Reaper underscores the challenge in fending them off.
Photo: AP
照片:美聯社
Reaper has been active since at least 2012, and typically sends its targets e-mails laced with malware to steal confidential information. Its targets have included a Middle Eastern telecommunications company doing business in North Korea, a Japan-based entity associated with a United Nations group on sanctions and the general director of a Vietnamese trading company, FireEye said, declining to name the victims.
“North Korea appears to be confident about hacking South Korea and now wants to look beyond,” said Shin Jin, a professor of political science at South Korea’s Chungnam National University. “Foreign nations are an unexplored market and many of them have security infrastructure weaker than South Korea.”
The group came under FireEye’s scrutiny when South Korea warned last month about a security vulnerability in Adobe Flash. A developer believed to belong to Reaper made the mistake of revealing his or her North Korean IP address, John Hultquist, FireEye’s director of intelligence analysis said. It’s unclear how large the group is, he added. “Ignored, these threats enjoy the benefit of surprise, allowing them to extract significant losses on their victims, many of whom have never previously heard of the actor,” FireEye said in an emailed statement.
(Bloomberg)
美國網路安全公司火眼指出,北韓網路間諜組織「死神」為了平壤的軍事與經濟利益,進行間諜情報的活動範圍已遠遠超出朝鮮半島,逐漸浮現成為全球性的威脅。
火眼公司在報告中表示,這個組織又以「APT37」為人所知,數年來皆針對南韓發動網路攻擊,然而該組織卻從二○一七年開始攻擊位於日本、越南、以及中東地區等地的目標。網路安全公司火眼的報告指出,此駭客組織──其網際網路協定位址(IP地址)可追溯到北韓境內──現在已滲透到許多產業中,範圍包括電子業和航太工業,以至於汽車產業與健康照護產業。
「死神」被歸類為與金正恩政權密切相關的多組駭客團隊之一,該名單內的成員不斷增加,其中名為「拉撒路」的團隊被美國認為是二○一四年索尼影視娛樂公司資料遭竊的幕後黑手。近年來,北韓持續擴展他們的網路攻擊行動範圍,為的是籌措更多現金與情報資訊,以減緩國際制裁帶來的衝擊,而「死神」的行動恰恰強調出北韓這類為抵禦國際制裁而帶給各國的挑戰。
「死神」至少從二○一二年開始就已展開活動,最典型的手段是將攜帶惡意軟體的電子郵件寄給攻擊目標,以竊取機密資訊。火眼公司表示,「死神」歷來鎖定的攻擊目標包括一間在北韓從事商業活動的中東電信公司、一間成立於日本並與聯合國某個制裁北韓組織相關的公司實體,以及一間越南貿易公司的總經理,不過火眼公司拒絕提出明確的受害者名單。
南韓忠南國立大學政治學系教授申進(音)表示:「北韓看起來對於向南韓發動駭客攻擊已經胸有成竹,所以現在想要向外尋找其它目標。」他也指出:「外國對北韓而言就像是未經開發的市場,而且其中多數國家的網路安全基礎建設都比南韓差。」
南韓在上個月曾經提出警告,指出常見的多媒體程式播放器 Adobe Flash 有某項安全漏洞,北韓的駭客集團就在此時被火眼公司盯上。火眼公司情報分析主任霍奎斯特表示,一位據信隸屬於「死神」團隊的程式開發人員不小心洩漏了他/她在北韓的網際網路協定位址。霍奎斯特補充說,目前並無法確知這個駭客集團的規模有多大。不過,火眼公司以電子郵件發送的聲明稿中提到:「由於長期不為人所知,這些安全威脅便得以攻人於不備,造成受害者極為嚴重的損失,而許多受害者甚至之前從來都沒有聽過這個駭客團隊的名號。」
(台北時報章厚明譯)
Follow up
課後練習
Reading Comprehension
1. In addition to stealing military secrets, Reaper is also engaged in industrial espionage.
(True/false)
2. Ransomware is used by hackers to steal information, whereas malware is used to extort money from its victims. (True/false)
3. Which industries are known to have been targeted by the Reaper cyber-spy group?
4. Why have international sanctions on North Korea been linked to an increase in cyberattacks from the country’s hacking groups?
5. If you were the owner of a business, what would you do to protect your company from hacking attacks?
(Edward Jones, Taipei Times)
Tangbao are one of the most internationally renowned delicacies, that win the hearts of both locals and tourists. Their charm lies in the paper-thin flour wrapper that needs to be folded evenly almost 20 times. Folding a tangbao requires skill to deal with a bulging filling and a thin wrapper. Tangbao are served in a bamboo steamer in which they are steamed, not only adding to the visual appearance, but ensuring they do not get cold before reaching the table. The best way to enjoy a tangbao is to dip it in a mixture of vinegar and soy sauce with
The Bank of Japan (BoJ) announced a seismic change in direction on March 19, hiking interest rates for the first time in 17 years. The move represents an unwinding of an ultra-loose — and maverick -- policy aimed at putting Japan’s “lost decades” of stagnation and deflation behind it. The last time the BoJ raised interest rates was in 2007, but its war against deflation began in earnest in 2013 under then-prime minister Shinzo Abe. “Abenomics” combined generous government spending and central bank monetary easing. The BoJ spent vast amounts on bonds and other assets to pump liquidity into the
Have you ever wished for an extra hour to prepare for exams or finish homework? In some countries, people actually adjust their clocks to gain or lose an hour, all for the sake of Daylight Saving Time (DST). Specifically, clocks are set forward by an hour in March and then set back in November. One of the primary reasons for implementing DST is to make better use of natural daylight so that people can reduce energy consumption. The concept originated with Benjamin Franklin in 1784 and became widely adopted during World War I. Today, this system is in place
A: Wow, YouTuber Xander 73’s channel “73_Tricking” now has over 10 million subscribers, making him Taiwan’s first 10-million YTR. B: Cool! But what’s “tricking?” A: Basically, it’s a sport derived from extreme martial arts. B: Xander 73’s income is as high as NT$600,000 per month. What’s the secret of his success? A: He often uses English catchphrases in his videos to attract more viewers from around the world. This shows how important English is. A: 哇,YouTuber奇軒的「奇軒Tricking」頻道訂閱突破千萬人, 成為台灣首位千萬YTR! B: 好厲害,但什麼是tricking啊? A: 聽說是極限武術所衍生的運動。 B: 奇軒月入60萬,成功的秘訣是什麼呢? A: 他常使用英文標語,所以能吸引全球觀眾,可見英文多重要。 (By Eddy Chang, Taipei Times/台北時報張聖恩)