Ian Talley and Dustin Volz at the WSJ wrote:
"WASHINGTON—New U.S. sanctions against North Korean hackers and revelations about North Korean malware show how Pyongyang’s cyber operations have become a crucial revenue stream and a security threat that soon could rival its weapons program, U.S. and industry officials say.
North Korea’s hacks of financial systems and critical infrastructure world-wide reveal sophisticated cyber capabilities developed to counter global sanctions and expand Pyongyang’s geopolitical power, according to these officials.
The U.S. Treasury Department, in blacklisting the three hacking groups allegedly run by North Korea’s primary intelligence service, said Friday they collectively were responsible for operations across 10 countries, stealing hundreds of millions of dollars from banks and cryptocurrency exchanges, pilfering military secrets, destabilizing infrastructure and intimidating adversaries."
The article goes into much more detail and is excellent ammo for more InfoSec budget. I recommend sending this link to your C-level budget holders:
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your quote for KnowBe4's security awareness training and simulated phishing platform and find out how affordable this is!
