North Korean Threat Widens to Target Multinationals

The North Korean–linked hacking group known as Reaper is expanding its operations in both scope and sophistication, and it has now graduated to the level of an advanced persistent threat. According to FireEye, the threat actor has carried out long-term targeting of North Korea’s interests in South Korea since 2013, but it’s now focusing on multinational campaigns using advanced capabilities. For instance, the group recently exploited a zero-day vulnerability in Abode Flash Player, CVE-2018-4878, which represents a concerning level of technical sophistication. “The slow transformation of regional actors into global threats is well established,” the firm said in a report on the group, which has added a new moniker to its name: APT37. “Minor incidents in Ukraine, the Middle East and South Korea have heralded the threats, which are now impossible to ignore. In some cases, the global economy connects organizations to aggressive regional actors. In other cases, a growing mandate draws the actor on to the international stage. Ignored, these threats enjoy the benefit of surprise, allowing them to extract significant losses on their victims, many of whom have never previously heard of the actor.”