TDR published a FLINT aiming at **contextualising** and **analysing trends** pertaining to cyber malicious activities associated to the **Democratic People’s Republic of Korea**-nexus Intrusion Sets reported in open sources in 2022. Called "secret war" by Pyongyang, cyber malicious activities are a part of the North Korean offensive approach since at least 2004. DPRK offensive cyber activities include **cyberespionage** and **lucrative campaigns** and involve multiple state organisations, including the Ministry of State Security (MSS aka Bowibu) and the Reconnaissance General Bureau. Associated Intrusion Sets include Lazarus, Bluenoroff, Andariel, Reaper, and Kimsuky. Related resources: * [FLINT 2022-056 - The DPRK delicate sound of cyber](https://app.sekoia.io/intelligence/objects/report--70050f70-eaa8-4c30-bd2c-3e0e26c0cbad) * [North Korea](https://app.sekoia.io/intelligence/objects/location--41e6f61f-d388-4317-b583-3d508b1d7776)