US, S. Korea Issue Joint Cybersecurity Advisory against N. Korean State-Sponsored Actors

Kamso Oguejiofor-Abugu Kamso Oguejiofor-Abugu Writer

In a collaborative effort, the United States and the Republic of Korea (ROK) governments have released a joint cybersecurity advisory, highlighting the threat posed by Democratic People’s Republic of Korea (DPRK) state-sponsored cyber actors known as Kimsuky.

The advisory, issued by the Federal Bureau of Investigation (FBI), U.S. Department of State, National Security Agency (NSA), ROK’s National Intelligence Service (NIS), National Police Agency (NPA), and Ministry of Foreign Affairs (MOFA), focuses on the use of social engineering techniques employed by Kimsuky to enable computer network exploitation (CNE) globally.

“This joint Cybersecurity Advisory provides detailed information on how Kimsuky actors operate, warning signs of spearphishing campaigns, and mitigation measures that can be implemented to enhance network security against Kimsuky operations,” the U.S. Department of State said in a press release.

Kimsuky cyber actors have been targeting individuals employed by research centers, academic institutions, think tanks, and news media organizations. They strategically pose as legitimate sources — such as academics, journalists, or individuals with credible links to North Korean policy circles — to collect intelligence on foreign policy strategies, geopolitical events, diplomatic efforts, and security developments of interest to the DPRK.

The advisory also highlights the risk of underestimating the threat posed by these social engineering campaigns, warning that “North Korea relies heavily on intelligence gained by compromising policy analysts” and that “successful compromises enable Kimsuky actors to craft more credible and effective spearphishing emails that can be leveraged against more sensitive, higher-value targets.”

To protect against DPRK cyber operations, individuals and entities are encouraged to follow the mitigation measures outlined in the advisory. These measures include using strong passwords, enabling multi-factor authentication, refraining from enabling macros in email attachments, verifying contact information through official websites, and conducting video calls to confirm identities.

The release of this joint advisory serves as a crucial step in countering the cyber threats posed by Kimsuky and reinforces the commitment of the U.S. and ROK governments to enhance global cybersecurity measures.

About the Author

About the Author

Kamso Oguejiofor is a former Content Writer at SafetyDetectives. He has over 2 years of experience writing and editing topics about cybersecurity, network security, fintech, and information security. He has also worked as a freelance writer for tech, health, beauty, fitness, and gaming publications, and he has experience in SEO writing, product descriptions/reviews, and news stories. When he’s not studying or writing, he likes to play basketball, work out, and binge watch anime and drama series.

Leave a Comment