North Korea APT Slapped With Cyber Sanctions After Satellite Launch
Sanctions on Kimsuky/APT43 focuses the world on disrupting DPRK regime's sprawling cybercrime operations, expert says.
Reports linked to Kimsuky cover intrusion analysis, infrastructure, disruption efforts, and defensive guidance for affected organizations.
Search across headline titles and summaries.
Background for this topic.
Kimsuky is a name used by security researchers for an intrusion set associated with multiple espionage campaigns. Public reporting has linked activity under this name to spearphishing, malicious documents or links, credential-harvesting pages, and malware delivery. Some governments and researchers have assessed parts of this activity as connected to North Korea, but actor attribution can be uncertain and the label may cover operations that differ over time.
The main security concern is compromise of email and cloud identities: stolen passwords, session tokens, or authentication data can provide access to sensitive conversations and additional accounts. Defenders should prioritize phishing-resistant multifactor authentication, rapid patching of exposed internet-facing systems, and monitoring for unusual sign-ins, new mail-forwarding rules, persistence, and suspicious browser or endpoint activity. If exposure is suspected, preserve phishing messages and authentication logs, revoke active sessions, reset credentials, and review connected applications before closing the investigation.
Sanctions on Kimsuky/APT43 focuses the world on disrupting DPRK regime's sprawling cybercrime operations, expert says.
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective known as Kimsuky as well as eight foreign-based agents who are alleged to have facilitated sanctions evasion
The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals. [...]