North Korea’s hackers launch attacks following action on sanctions



News North Korea’s hackers launch attacks following action on sanctions Researchers suggest Kimsuky phishing attempts follow predictable pattern Nils Weisensee May 21, 2021 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON NK News (file photo) North Korea appears to ramp up cyberattacks against some U.S. organizations within weeks after new sanctions are imposed or existing ones are enforced, a report by the RAND Corporation published earlier this month suggests. Researchers said they analyzed phishing attacks against RAND attributed to the DPRK-linked Kimsuky group over the course of two years, and found a high correlation between sanctions activity and attempts to trick RAND staff into clicking malicious links. “Anything related to sanctions — whether new ones are imposed, removal of existing ones is denied in negotiations, or violations of existing ones are claimed Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01Exclusive: North Korea testing larger new recon drone, pushing deployment plan 02DPRK arms shipments to Russia slow in early 2025 but Feb. sees renewed activity 03Satellite images show demolition at North Korea’s military parade training base 04North Korean ICBM factory upgrade project slows, satellite imagery shows 05North Korea building second warship of largest new class on east coast: Report 06Beyond the battlefield: How drone cooperation deepens North Korea-Russia ties 07Kim Jong Un awards more military towns new projects, reversing vow to poor areas 08How a US-Russia deal on Ukraine could reshape North Korea’s strategic future

News

North Korea’s hackers launch attacks following action on sanctions

Researchers suggest Kimsuky phishing attempts follow predictable pattern

Nils Weisensee May 21, 2021

North Korea’s hackers launch attacks following action on sanctions

NK News (file photo)

North Korea appears to ramp up cyberattacks against some U.S. organizations within weeks after new sanctions are imposed or existing ones are enforced, a report by the RAND Corporation published earlier this month suggests. Researchers said they analyzed phishing attacks against RAND attributed to the DPRK-linked Kimsuky group over the course of two years, and found a high correlation between sanctions activity and attempts to trick RAND staff into clicking malicious links.

“Anything related to sanctions — whether new ones are imposed, removal of existing ones is denied in negotiations, or violations of existing ones are claimed

01Exclusive: North Korea testing larger new recon drone, pushing deployment plan
02DPRK arms shipments to Russia slow in early 2025 but Feb. sees renewed activity
03Satellite images show demolition at North Korea’s military parade training base
04North Korean ICBM factory upgrade project slows, satellite imagery shows
05North Korea building second warship of largest new class on east coast: Report
06Beyond the battlefield: How drone cooperation deepens North Korea-Russia ties
07Kim Jong Un awards more military towns new projects, reversing vow to poor areas
08How a US-Russia deal on Ukraine could reshape North Korea’s strategic future

North Korea’s hackers launch attacks following action on sanctions

LATEST ANALYSIS

Similar Articles

About the Author

Nils Weisensee