Skip to main content

STATE ACTORS: North Korean Hackers Fund Espionage From Cybercrime Operations

North Korean Hackers Fund Espionage From Cybercrime Operations

Tuesday, 4th April 2023

Mandiant has released its latest advisory report on APT43 The North Korean hacker group responsible for orchestrating various Cybersecurity crimes in order to fund Espionage operations. Mandiant, Google Cloud’s cybersecurity subsidiary firm has classified the group, which it calls APT43 and which it has been monitoring since 2018, as a “moderately-sophisticated cyber operator that supports the interests of the North Korean regime.” 

The designation of the group as a “named threat actor” indicates that Mandiant’s cyber analysts had enough evidence to attribute activity to a specific group.

North Korea has long been known for its expansive scope and sophistication of its cyber weaponry, most infamously the massive 2014 hack into Sony Pictures over a film spoofing North Korean leader Kim Jong Un. Kim’s cyber warriors have been accused of netting millions of dollars at a time through their attacks.

The report, which offers a comprehensive look at APT43’s activities, highlights Pyongyang’s increasingly complex cybercrime operation.

Some of the known regime-backed groups are tied to large-scale schemes, like Lazarus Group, which U.S. investigators said was behind the Sony hack. Others, like APT43, have a narrower focus and complement the larger operations, while sharing techniques and working toward a common goal of supporting Kim’s nuclear ambitions, said Ben Read, head of Mandiant’s cyber espionage analysis.

The Group is also responsible for spoofing (cloning) websites of legitimate organizations to trick targets into giving out information that can be used in cyber crimes the group carries out to fund itself, according to a new report that tracked the cyber attackers’ operations over five years. Learn More /...

About Mandiant

Mandiant is recognised by enterprises, governments and law enforcement agencies worldwide as the market leader in threat intelligence and expertise gained on the front-lines of cyber security. To make every organization confidently ready for cyber threats, Mandiant scales its intelligence and expertise through the Mandiant Advantage SaaS platform to deliver current intelligence, automation of alert investigation and prioritisation and validation of security controls products from a variety of vendors. Learn More /... 

Image Credit: Vladimir Lysenko


Labels:
Location: Gibraltar

Comments

Post a Comment

Popular posts from this blog

CYBER BREACH: Data Breach Exposed Thousands of Pet Medical Records Including Owner Information

Tuesday, 5th December 2023 CYBER BREACH: Data Breach Exposed Thousands of Pet Medical Records Including Owner Information By Jeremiah Fowler - Website Planet  Syndicated By IainFraser.net/CYBER_Voice Daily Cyber Insights  Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to WebsitePlanet about a non-password protected database that contained over 56,000 records, including pet medical reports, DNA tests, pedigree history and other potentially sensitive information. As a long-time cyber security researcher, this is one of the most interesting discoveries I have ever encountered and a first for me.  I recently discovered a non-password protected database that contained records of thousands of dogs from around the world and included the information of their human owners. The publicly exposed cloud storage database contained a total of 56,624 documents in .PDF, .png, and .jpg formats with a total size of 25 GB. Upon further investigation, the database appeared...
Post a Comment
Learn More »

CYBERSECURITY NEWS: ECSO Launches its latest ground-breaking initiative CYBERHive

28th November 2023  CYBERSECURITY NEWS: ECSO Launches its latest ground-breaking initiative CYBERHive  Syndicated By: Iain Fraser/ Cyber PR Wire via IainFRASER.net/ CyberPRWire ECSO is delighted to announce the launch of its new, ground-breaking initiative: Cyberhive EUROPE. Cyberhive is the first-ever European marketplace co-created with- and for the European cybersecurity ecosystem, and will offer global accessibility to all Europe-headquartered cybersecurity solution providers, while also being freely accessible to end-users worldwide. Through the Cyberhive, ECSO will connect market players, promote European-made products, and ultimately strengthen the European cybersecurity market as a whole. To learn more about the Cyberhive, read below.  The second Annual CISO Meetup, organised by ECSO, starts today! Over 150 CISOs are joining us in Florence from all over Europe to engage in high-level discussions on critical cybersecurity topics. Read more below. Learn More /... ...
Post a Comment
Learn More »

CYBER THREAT INTEL: AI - UK & US Spooks publish AI Development Guidance

Tuesday, 28th November 2023 CYBER THREAT INTEL: AI - UK & US Spooks publish AI Development Guidance Posted by: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFraser.net/ Daily Cyber Insights CYBER THREAT INTEL: AI - UK & US Spooks publish AI Development Guidance The UK NCSC & US CISA have joint-published what they term as "security-focused guidance" for AI & ML developers and those who leverage AI/ML with their protocols and systems.  The Publication of Guidelines for Secure AI System Development (PDF),  apply to all types of AI/ML systems, regardless of whether built from wireframe up or added as a bolt-on on third-party resources, to address issues related to AI, cybersecurity, and critical infrastructure. Devised to be used in conjunction with existing Cybersecurity, Incident Response and Cyber Risk-Management protocols. The NCSC and CISA have said “Providers should implement security controls and mitigations where possible within their mode...
Post a Comment
Learn More »