North Korea's illicit profit-driven cyber operations have been underpinned by an amalgamation of espionage, criminal, and fraudulent IT worker activities, CyberScoop reports.
Aside from having actors working for the U.S.-sanctioned Chinyong IT Cooperation Company to support the theft of cryptocurrency, North Korea has also promoted several original members of its state-backed threat groups to lead oversight of new operatives, who are then tasked to work across various roles dependent on the needs of the regime, an analysis from DTEX Systems showed. North Korea has also created Research Center 227, which has been leveraging artificial intelligence to adopt obtained threat intelligence. "This is less a typical state actor and more akin to a globally dispersed, mafia-style network, where motivations are driven not just by political power, but by a survival mentality rooted in deep economic hardship and familial obligations," said DTEX Principal i3 Insider Risk Investigator Michael Barnhart, who led the report.
Aside from having actors working for the U.S.-sanctioned Chinyong IT Cooperation Company to support the theft of cryptocurrency, North Korea has also promoted several original members of its state-backed threat groups to lead oversight of new operatives, who are then tasked to work across various roles dependent on the needs of the regime, an analysis from DTEX Systems showed. North Korea has also created Research Center 227, which has been leveraging artificial intelligence to adopt obtained threat intelligence. "This is less a typical state actor and more akin to a globally dispersed, mafia-style network, where motivations are driven not just by political power, but by a survival mentality rooted in deep economic hardship and familial obligations," said DTEX Principal i3 Insider Risk Investigator Michael Barnhart, who led the report.
