(TLP:AMBER+STRICT) E-ISAC Report – North Korean (DPRK) IT Worker Threat in the Electricity Sector

The Electricity-ISAC has recently become aware of remote IT workers suspected of operating on behalf of the Democratic People’s Republic of Korea (DPRK) having applied for employment in the North American electric utility sector. The report includes a list of “personas” that have been attributed to DPRK IT worker activity.

DPRK-affiliated IT workers are known to apply for jobs that are designated as “remote” and are technology focused. The job roles and responsibilities usually require high-level access to include administrative access to fulfill job requirements. WaterISAC is sharing this E-ISAC report for member awareness. Access the full report below.

Additional Resource:

• Staying a Step Ahead: Mitigating the DPRK IT Worker Threat | Mandiant
• Insider Threat – KnowBe4 Didn’t ‘Know Before’ Emphasizes how it can Happen to Any Organization
• CISA Alert – FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity