North Korean cyber-spy group “Reaper” is emerging as a global threat, conducting espionage well beyond the Korean peninsula in support of Pyongyang’s military and economic interests, says US cybersecurity firm FireEye Inc.
The group, known also as APT37, in 2017 began attacking targets in Japan, Vietnam and the Middle East after having focused on its southern neighbor for years, FireEye said in a report. The hacking group — traced to an IP address in North Korea — now infiltrates a range of industries from electronics and aerospace to automotive and health care, the cybersecurity firm said.
Reaper joins a growing list of hacking units linked to Kim Jong-un’s regime, including “Lazarus,” which the US blamed for a 2014 data theft at Sony Pictures Entertainment. North Korea has been widening its cyber-operations in pursuit of cash and intelligence in an attempt to cushion the impact of international sanctions, and Reaper underscores the challenge in fending them off.
Photo: AP
照片:美聯社
Reaper has been active since at least 2012, and typically sends its targets e-mails laced with malware to steal confidential information. Its targets have included a Middle Eastern telecommunications company doing business in North Korea, a Japan-based entity associated with a United Nations group on sanctions and the general director of a Vietnamese trading company, FireEye said, declining to name the victims.
“North Korea appears to be confident about hacking South Korea and now wants to look beyond,” said Shin Jin, a professor of political science at South Korea’s Chungnam National University. “Foreign nations are an unexplored market and many of them have security infrastructure weaker than South Korea.”
The group came under FireEye’s scrutiny when South Korea warned last month about a security vulnerability in Adobe Flash. A developer believed to belong to Reaper made the mistake of revealing his or her North Korean IP address, John Hultquist, FireEye’s director of intelligence analysis said. It’s unclear how large the group is, he added. “Ignored, these threats enjoy the benefit of surprise, allowing them to extract significant losses on their victims, many of whom have never previously heard of the actor,” FireEye said in an emailed statement.
(Bloomberg)
美國網路安全公司火眼指出,北韓網路間諜組織「死神」為了平壤的軍事與經濟利益,進行間諜情報的活動範圍已遠遠超出朝鮮半島,逐漸浮現成為全球性的威脅。
火眼公司在報告中表示,這個組織又以「APT37」為人所知,數年來皆針對南韓發動網路攻擊,然而該組織卻從二○一七年開始攻擊位於日本、越南、以及中東地區等地的目標。網路安全公司火眼的報告指出,此駭客組織──其網際網路協定位址(IP地址)可追溯到北韓境內──現在已滲透到許多產業中,範圍包括電子業和航太工業,以至於汽車產業與健康照護產業。
「死神」被歸類為與金正恩政權密切相關的多組駭客團隊之一,該名單內的成員不斷增加,其中名為「拉撒路」的團隊被美國認為是二○一四年索尼影視娛樂公司資料遭竊的幕後黑手。近年來,北韓持續擴展他們的網路攻擊行動範圍,為的是籌措更多現金與情報資訊,以減緩國際制裁帶來的衝擊,而「死神」的行動恰恰強調出北韓這類為抵禦國際制裁而帶給各國的挑戰。
「死神」至少從二○一二年開始就已展開活動,最典型的手段是將攜帶惡意軟體的電子郵件寄給攻擊目標,以竊取機密資訊。火眼公司表示,「死神」歷來鎖定的攻擊目標包括一間在北韓從事商業活動的中東電信公司、一間成立於日本並與聯合國某個制裁北韓組織相關的公司實體,以及一間越南貿易公司的總經理,不過火眼公司拒絕提出明確的受害者名單。
南韓忠南國立大學政治學系教授申進(音)表示:「北韓看起來對於向南韓發動駭客攻擊已經胸有成竹,所以現在想要向外尋找其它目標。」他也指出:「外國對北韓而言就像是未經開發的市場,而且其中多數國家的網路安全基礎建設都比南韓差。」
南韓在上個月曾經提出警告,指出常見的多媒體程式播放器 Adobe Flash 有某項安全漏洞,北韓的駭客集團就在此時被火眼公司盯上。火眼公司情報分析主任霍奎斯特表示,一位據信隸屬於「死神」團隊的程式開發人員不小心洩漏了他/她在北韓的網際網路協定位址。霍奎斯特補充說,目前並無法確知這個駭客集團的規模有多大。不過,火眼公司以電子郵件發送的聲明稿中提到:「由於長期不為人所知,這些安全威脅便得以攻人於不備,造成受害者極為嚴重的損失,而許多受害者甚至之前從來都沒有聽過這個駭客團隊的名號。」
(台北時報章厚明譯)
Follow up
課後練習
Reading Comprehension
1. In addition to stealing military secrets, Reaper is also engaged in industrial espionage.
(True/false)
2. Ransomware is used by hackers to steal information, whereas malware is used to extort money from its victims. (True/false)
3. Which industries are known to have been targeted by the Reaper cyber-spy group?
4. Why have international sanctions on North Korea been linked to an increase in cyberattacks from the country’s hacking groups?
5. If you were the owner of a business, what would you do to protect your company from hacking attacks?
(Edward Jones, Taipei Times)
Jiang Yiwu paced the small room and wondered how the leader of the Literary Society had got here. He could hear the Russian and Manchu police outside. They were looking for him. The Russians controlled the railways now, cutting through China, taking land and resources. The people were angry, and so was he. The revolution was almost ready. But things went wrong. Sun Wu, a key leader, lay in the hospital with critical wounds. The explosives were meant for the revolution but detonated by accident. Sun and the revolutionary plans were discovered by the police. Jiang grimaced at the
At an unusual event, a group of people gather and sit together without interacting or checking their phones. Instead, they concentrate on nothing at all and empty their minds for the Space-Out Competition. Originally proposed by South Korean artist Woopsyang in 2014, this event is a form of performance art. It challenges the social expectation to remain constantly busy in this fast-paced world, offering competitors a pause from their routines. For 90 minutes, players are scored on how well they “space out” based on artistic and technical aspects, with their heart rates monitored every 15 minutes. Then, the audience votes for
A: Taiwanese-language pop singer Jody Chiang is finally staging a comeback after having “turned off the microphone” for nine years. B: Yeah, she’s set to perform for the National Day celebration at the Taipei Dome this Saturday. A: As the best Taiwanese-language singer, it would be a big loss if she continued her hiatus. B: Recently, Chiang revealed that she quit singing in 2015 due to cancer. A: That’s shocking. But it’s great to see her healthy and able to turn the mic back on again. A: 台語歌后江蕙「封麥」9年後,終於即將復開唱了。 B: 對啊她本週六將參加國慶晚會,在大巨蛋開唱。 A: 江蕙可是最棒的台語歌手,如果不唱歌太可惜了。 B: 她最近才透露,其實2015年是因為罹癌才會「封麥」。 A: 真是令人震驚!能再看到她健康地「開麥」太好啦。 (By Eddy Chang,
Have you ever counted the number of keys on a piano? On a standard modern piano, the number of keys is 88. So, why is this the case? The piano is believed to have been invented around the beginning of the 18th century. It was first created as a modified version of the harpsichord. Most harpsichords at the time had 60 keys—covering five octaves, with each octave comprising seven white keys and five black keys. That’s why the earliest pianos also had 60 keys. The white keys on a piano are called natural keys and correspond to the musical