N Korea cyber threat ‘more aggressive’
North Korean hackers are becoming more aggressive than their Chinese counterparts, a leading US cybersecurity firm warned on Tuesday, as it identified a Pyongyang-linked group as an "advanced persistent threat".
It was the first time that FireEye had used the designation for a North Korean-based group. Analysts say the isolated and impoverished but nuclear-armed North has stepped up hacking operations partly to raise money for the cash-strapped regime, which is subject to multiple sanctions over its atomic weapons and ballistic missile programmes.
North Korea has previously been blamed for the WannaCry ransomware that briefly wreaked havoc around the world last year -- an accusation it angrily denies. FireEye said North Korean operatives had expanded their targets beyond South Korea and mounted increasingly sophisticated attacks, adding it had identified a suspected North Korean cyberespionage group it dubbed "APT37" -- standing for "advanced persistent threat".
APT37 was "primarily based in North Korea", it said, and its choice of targets "aligns with North Korean state interests". "We assess with high confidence that this activity is carried out on behalf of the North Korean government," it added.
APT37 has been active at least since 2012, it said, previously focused on "government, military, defence industrial base and media sector" in the rival South before widening its range to include Japan, Vietnam and the Middle East last year, and industries ranging from chemicals to telecommunications.
"This group should be taken seriously," FireEye added. FireEye’s first APT was identified in a 2013 report by company division Mandiant, which said that hackers penetrating US newspapers, government agencies and companies "are based primarily in China and that the Chinese government is aware of them".
One group, it said then, was believed to be a branch of the People’s Liberation Army in Shanghai called Unit 61398. Five of its members were later indicted by US federal prosecutors on charges of stealing information from US firms, provoking a diplomatic row between Washington and Beijing.
"We have seen both North Korean and Chinese operations range from simplistic to very technically sophisticated," FireEye’s director of intelligence analysis John Hultquist told AFP.
"The sharpest difference between the two really lies in the aggressive nature of North Korean operations," he added. "Whereas Chinese actors have typically favoured quiet espionage, North Korea has demonstrated a willingness to carry out some very aggressive activity, ranging from attack to outright global crime."
-
Trump Passes Verdict On Bad Bunny’s Super Bowl Halftime Show -
Super Bowl 2026 Live: Seahawks Defeat Patriots 29-13 To Win Super Bowl LX -
Kim Kardashian And Lewis Hamilton Make First Public Appearance As A Couple At Super Bowl 2026 -
Romeo And Cruz Beckham Subtly Roast Brooklyn With New Family Tattoos -
Meghan Markle Called Out For Unturthful Comment About Queen Curtsy -
Bad Bunny Headlines Super Bowl With Hits, Dancers And Celebrity Guests -
Insiders Weigh In On Kim Kardashian And Lewis Hamilton's Relationship -
Prince William, Kate Middleton Private Time At Posh French Location Laid Bare -
Stefon Diggs Family Explained: How Many Children The Patriots Star Has And With Whom -
Shamed Andrew ‘mental State’ Under Scrutiny Amid Difficult Time -
‘Narcissist’ Andrew Still Feels ‘invincible’ After Exile -
Bad Bunny's Super Bowl Halftime Show: What Time Will He Perform Tonight? -
Where Is Super Bowl 2026 Taking Place? Everything To Know About The NFL Showdown -
Chris Pratt Explains Why He And Katherine Schwarzenegger Did Premarital Counseling -
Drake 'turns Down' Chance To Hit Back At Kendrick Lamar At Super Bowl -
Sarah Ferguson Had A ‘psychosexual Network’ With Jeffrey Epstein