The DPRK group’s attempts to exfiltrate data and install RMM tools by posing as US IT workers is one of several examples that show cross-domain analysis is needed to tackle rising identity-based attacks, according to CrowdStrike’s counter adversary team, as the company reels in the worldwide outage’s wake.
On the flipside how many people are trying to infiltrate NK? I’m not saying that NK (or any state) is good. But it’s empire that created and maintains NK. Koreans are the real victims, not these dumb corporations trying to skimp on labor by hiring fake people.