Summary: Yesterday, the FBI released a Public Service Announcement (PSA) providing an update to previously shared guidance regarding the Democratic People’s Republic of Korea (North Korea) IT worker threat to U.S. organizations. The PSA shares how North Korea is evading U.S. and U.N. sanctions by targeting private companies to illicitly generate substantial revenue for the regime. The announcement includes tips to defend against this threat and further notes how North Korean IT workers leverage U.S.-based individuals, both witting and unwitting, to gain fraudulent employment access to U.S. company networks to generate this revenue.
Analyst Note: Last month, WaterISAC joined other Information Sharing and Analysis Centers (ISACs) in a cross-sector report that brings further awareness and mitigation guidance to defend against this enduring threat. WaterISAC encourages members to review the PSA to supplement this guidance and to help protect against the threat posed by North Korean IT workers.
Original Source: https://www.ic3.gov/PSA/2025/PSA250723-4
Mitigation Recommendations:
Related WaterISAC PIRs: 6, 7, 10, 12
