North Korea is expanding operations of its sophisticated cyber-espionage unit, which is poised to unleash attacks against aerospace and defense industries, according to a new study.

California-based cyber-security company FireEye said a Pyongyang-linked group poses an “advanced threat” by using holes in the internet to carry out its attacks, the Washington Post reported.

The rogue regime bans the internet for ordinary citizens but has poured an enormous amount of time and money into building a cyberarmy that can outsmart other countries, including South Korea.

“Our concern is that this could be used for a disruptive attack rather than a classic espionage mission, which we already know that the North Koreans are regularly carrying out,” said John Hultquist, the company’s head of intelligence analysis.

FireEye said it has “high confidence” that a group it dubbed “APT37” — for “advanced persistent threat” — is behind several “zero-day vulnerability” attacks not just in South Korea but also in Japan, Vietnam and in the Middle East.

Hackers launch zero-day attacks by finding and exploiting flaws in software before the developers have a chance to create a patch to fix it.

“It’s like your security system is a big wall but someone knows that there’s a hole somewhere in that wall and can crawl through it,” Hultquist said. “It’s fairly rare.”

Analysts say Pyongyang has ramped up hacking operations partly to raise money for the cash-strapped regime, which is under heavy sanctions over its nuclear weapons and ballistic missile programs.

The North has previously been blamed for the WannaCry ransomware that briefly wreaked global havoc last year — an accusation it vehemently denies.

APT37, which has been active at least since 2012, previously focused its efforts on “government, military, defense industrial base and media sector” in the South. It now targets industries ranging from chemicals to telecommunications in other countries.

“This group should be taken seriously,” FireEye said.

FireEye’s first APT was identified in a 2013 report by company division Mandiant, which said that hackers who broke into American newspapers, government agencies and companies “are based primarily in China and that the Chinese government is aware of them,” Agence France-Presse reported.

One group, it said, was believed to be Unit 61398, a branch of the People’s Liberation Army in Shanghai. US federal prosecutors indicted five of its members on charges of stealing information from American companies.

“We have seen both North Korean and Chinese operations range from simplistic to very technically sophisticated,” Hultquist told AFP.

“The sharpest difference between the two really lies in the aggressive nature of North Korean operations.”

“Whereas Chinese actors have typically favoured quiet espionage, North Korea has demonstrated a willingness to carry out some very aggressive activity, ranging from attack to outright global crime,” he said.

The hermit kingdom’s cyberwarfare prowess first came to prominence when it was accused of hacking into Sony Pictures Entertainment to take revenge for “The Interview,” a satirical film that mocked its leader Kim Jong Un.