North Korean cyber-spy group “Reaper” is emerging as a global threat, conducting espionage well beyond the Korean peninsula in support of Pyongyang’s military and economic interests, says US cybersecurity firm FireEye Inc.
The group, known also as APT37, in 2017 began attacking targets in Japan, Vietnam and the Middle East after having focused on its southern neighbor for years, FireEye said in a report. The hacking group — traced to an IP address in North Korea — now infiltrates a range of industries from electronics and aerospace to automotive and health care, the cybersecurity firm said.
Reaper joins a growing list of hacking units linked to Kim Jong-un’s regime, including “Lazarus,” which the US blamed for a 2014 data theft at Sony Pictures Entertainment. North Korea has been widening its cyber-operations in pursuit of cash and intelligence in an attempt to cushion the impact of international sanctions, and Reaper underscores the challenge in fending them off.
Photo: AP
照片:美聯社
Reaper has been active since at least 2012, and typically sends its targets e-mails laced with malware to steal confidential information. Its targets have included a Middle Eastern telecommunications company doing business in North Korea, a Japan-based entity associated with a United Nations group on sanctions and the general director of a Vietnamese trading company, FireEye said, declining to name the victims.
“North Korea appears to be confident about hacking South Korea and now wants to look beyond,” said Shin Jin, a professor of political science at South Korea’s Chungnam National University. “Foreign nations are an unexplored market and many of them have security infrastructure weaker than South Korea.”
The group came under FireEye’s scrutiny when South Korea warned last month about a security vulnerability in Adobe Flash. A developer believed to belong to Reaper made the mistake of revealing his or her North Korean IP address, John Hultquist, FireEye’s director of intelligence analysis said. It’s unclear how large the group is, he added. “Ignored, these threats enjoy the benefit of surprise, allowing them to extract significant losses on their victims, many of whom have never previously heard of the actor,” FireEye said in an emailed statement.
(Bloomberg)
美國網路安全公司火眼指出,北韓網路間諜組織「死神」為了平壤的軍事與經濟利益,進行間諜情報的活動範圍已遠遠超出朝鮮半島,逐漸浮現成為全球性的威脅。
火眼公司在報告中表示,這個組織又以「APT37」為人所知,數年來皆針對南韓發動網路攻擊,然而該組織卻從二○一七年開始攻擊位於日本、越南、以及中東地區等地的目標。網路安全公司火眼的報告指出,此駭客組織──其網際網路協定位址(IP地址)可追溯到北韓境內──現在已滲透到許多產業中,範圍包括電子業和航太工業,以至於汽車產業與健康照護產業。
「死神」被歸類為與金正恩政權密切相關的多組駭客團隊之一,該名單內的成員不斷增加,其中名為「拉撒路」的團隊被美國認為是二○一四年索尼影視娛樂公司資料遭竊的幕後黑手。近年來,北韓持續擴展他們的網路攻擊行動範圍,為的是籌措更多現金與情報資訊,以減緩國際制裁帶來的衝擊,而「死神」的行動恰恰強調出北韓這類為抵禦國際制裁而帶給各國的挑戰。
「死神」至少從二○一二年開始就已展開活動,最典型的手段是將攜帶惡意軟體的電子郵件寄給攻擊目標,以竊取機密資訊。火眼公司表示,「死神」歷來鎖定的攻擊目標包括一間在北韓從事商業活動的中東電信公司、一間成立於日本並與聯合國某個制裁北韓組織相關的公司實體,以及一間越南貿易公司的總經理,不過火眼公司拒絕提出明確的受害者名單。
南韓忠南國立大學政治學系教授申進(音)表示:「北韓看起來對於向南韓發動駭客攻擊已經胸有成竹,所以現在想要向外尋找其它目標。」他也指出:「外國對北韓而言就像是未經開發的市場,而且其中多數國家的網路安全基礎建設都比南韓差。」
南韓在上個月曾經提出警告,指出常見的多媒體程式播放器 Adobe Flash 有某項安全漏洞,北韓的駭客集團就在此時被火眼公司盯上。火眼公司情報分析主任霍奎斯特表示,一位據信隸屬於「死神」團隊的程式開發人員不小心洩漏了他/她在北韓的網際網路協定位址。霍奎斯特補充說,目前並無法確知這個駭客集團的規模有多大。不過,火眼公司以電子郵件發送的聲明稿中提到:「由於長期不為人所知,這些安全威脅便得以攻人於不備,造成受害者極為嚴重的損失,而許多受害者甚至之前從來都沒有聽過這個駭客團隊的名號。」
(台北時報章厚明譯)
Follow up
課後練習
Reading Comprehension
1. In addition to stealing military secrets, Reaper is also engaged in industrial espionage.
(True/false)
2. Ransomware is used by hackers to steal information, whereas malware is used to extort money from its victims. (True/false)
3. Which industries are known to have been targeted by the Reaper cyber-spy group?
4. Why have international sanctions on North Korea been linked to an increase in cyberattacks from the country’s hacking groups?
5. If you were the owner of a business, what would you do to protect your company from hacking attacks?
(Edward Jones, Taipei Times)
It’s no secret that Japanese people have a deep affection for noodles. Like in the rest of East Asia, noodles are an important staple food, second only to rice. Japanese people have enjoyed noodles for over 1,000 years. The first noodles came from China and were introduced around 800 CE. As time passed, noodles in Japan not only became widespread but also developed some unique Japanese characteristics. The three most popular types of noodles in Japan are ramen, soba, and udon. Ramen, typically made from wheat flour, is usually thin and firm. The dough is kneaded and left to
Rice is an essential ingredient in Taiwanese cuisine. Many foods are made of rice, adding more variety to our cooking, such as rice cake, or “gui.” Wagui is made by steaming rice flour batter in a bowl. The term “gui” refers to a type of food made from rice, while “wa” refers to a bowl. The pronunciation of “gui” in Taiwanese Hokkien is similar to the word for “nobility” in Chinese, so it is common for people to prepare various types of gui, including wagui, as offerings to the gods or ancestors,. 米是台灣重要的主食,用米製成的食品十分多元,豐富我們的飲食,如米做成的「粿」。粿的意思是米做成的糕點,碗粿是將在來米漿倒入碗中蒸熟,因而得名。粿因為音同「貴」,因此碗粿等粿食常用作供品祭拜神明和祖先。 nobility (n.) 高貴,高尚;貴族 offering (n.) 供品 While Taiwan may not be
On Tuesday last week, the flame for this summer’s Paris Olympics was lit at the birthplace of the ancient Olympic Games in southern Greece in a meticulously choreographed ceremony. It will then be carried through Greece for more than 5,000km before being handed over to French organizers at the Athens venue used for the first modern Olympics in 1896. The pageantry at Olympia has been an essential part of every Olympics for nearly 90 years since the Games in Berlin. It’s meant to provide an ineluctable link between the modern event and the ancient Greek original on which it was initially modelled. Once
Continued from yesterday(延續自昨日) https://www.taipeitimes.com/News/lang As with many aspects of Japanese culture, there is etiquette to follow when you enjoy noodles. To fully experience noodles like a local on your next visit to Japan, consider these simple guidelines. First, be careful where you put your chopsticks. Don’t leave them sticking up in the broth or set them at the side of the bowl. When you have finished eating or if you’re taking a break, place them on the chopstick rest next to the bowl. Also, it is impolite to wave chopsticks around or bring them above mouth-level. Second, don’t take too