NCSC warning on North Korea

It is no surprise that the DPRK has raised its profile as a global player in cyber espionage.

Our data indicates that threat actors associated with the DPRK are some of the most prolific developers of malware to target macOS devices. The APTs that we see coming from these state-sponsored groups are generally associated with infostealers. They seem to receive regular updates as the campaigns mature and the software improves in its ability to bypass controls and maintain persistence for longer periods of time.

It is important that organisations continue to build layers of defence to combat these attacks, ensuring that each layer adds to the overall security posture of the organisation and improves detection capabilities by looking for attacks across a variety of threat vectors.

The NCSC advisory should be a call to action for organisations to improve the sharing of threat intelligence so the community of organisations providing critical infrastructure can work together to reduce the impact of these attacks.