North Korea is ramping up its hacking efforts. The existence of a new group of hackers in the hermit kingdom has been disclosed Tuesday. And they’re allegedly targeting major international firms.
A new group of North Korean spies and hackers has been identified, and their available methods and tools are extremely sophisticated. The group — known alternatively as “Reaper,” “Labyrinth Chollima,” or “APT37” — can even steal documents from computers that are disconnected from the internet, according to a research paper published Tuesday by cybersecurity firm FireEye.
Worryingly, FireEye’s intelligence arm has tracked the group’s efforts and says that Reaper has “expanded its operations in both scope and sophistication.” It has been active since 2012 and focuses on South Korean defense targets.
Reaper is apparently an entirely different group than the one that has been previously tied to alleged North Korean cyber attacks in the past, including the 2014 Sony Pictures attack and the WannaCry ransomware campaign last year. That hacking outfit is known as Lazarus.
But according to FireEye, Reaper could become a global threat that both governments and companies should take seriously.
John Hultquist, FireEye’s director of intelligence analysis, told CNN Tech that Reaper has been stepping up its spying initiatives on South Korean companies. These companies, Hultquist added, are multinational firms with offices and infrastructure across the globe.
And while he declined to name any particular firms, he told the publication that the South Korean firms are Fortune 500 companies and are “crown jewels” of the economy in the country.
Some notable firms that fit that description? LG Electronics, Hyundai and South Korean tech juggernaut Samsung Electronics, which is the largest smartphone manufacturer in the world.
In a separate interview with NBC News, Hultquist said that North Korea’s cyber campaigns have become “increasingly aggressive.” And along with espionage, the efforts have branched out into disruption attacks and cybercrime.
There’s evidence that the group is expanding its focus beyond South Korea, too — and picking targets in the Middle East, Japan and Vietnam. And FireEye believes that Reaper is only going to become more active.
“We expect very aggressive activity in the near future,” Hultquist told CNN Tech.