(TLP:CLEAR) The North Korean IT Worker Threat Continues to Expand

Summary: Google Cloud and CyberScoop have recently shared additional information indicating an expanding effort in scope and scale from the threat of Democratic People’s Republic of Korea (DPRK) IT workers infiltrating businesses in the U.S. and abroad for over a year.

Analyst Note: WaterISAC is sharing this article for continued awareness into the threat to critical infrastructure by DPRK cyber operatives. According to open-source reporting, the scope and scale of the DPRK IT worker threat continues to expand across the globe with DPRK workers gaining full-time employment as engineers and specialists and, therefore, having the highest degree of access in enterprise systems. According to insider risk management firm DTEX, there are thousands of estimated critical infrastructure organizations that have been infiltrated by DPRK operatives. Additionally, organizations that hire DPRK IT workers are at risk of espionage, data theft, and disruption, according to Google Cloud.

Original Source: https://cyberscoop.com/north-korea-technical-workers-full-time-jobs/

Additional Reading:

• DPRK IT Workers Expanding in Scope and Scale

Related WaterISAC PIRs: 6, 6.1