The DPRK delicate sound of cyber 🇰🇵

TDR published a FLINT aiming at contextualising and analysing trends pertaining to cyber malicious activities associated to the Democratic People’s Republic of Korea-nexus Intrusion Sets reported in open sources in 2022.

Called "secret war" by Pyongyang, cyber malicious activities are a part of the North Korean offensive approach since at least 2004. DPRK offensive cyber activities include cyberespionage and lucrative campaigns and involve multiple state organisations, including the Ministry of State Security (MSS aka Bowibu) and the Reconnaissance General Bureau. Associated Intrusion Sets include Lazarus, Bluenoroff, Andariel, Reaper, and Kimsuky.

Related resources:

What do you think about this update?