FORT MEADE, Md. – The National Security Agency (NSA) joins the Federal Bureau of Investigation (FBI) and others in releasing the joint Cybersecurity Advisory (CSA), “North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs.” The CSA includes detection methods and mitigation measures to help counter the malicious activity.
This CSA details cyber espionage activity of the Democratic People’s Republic of Korea (DPRK) Reconnaissance General Bureau (RGB) 3rd Bureau. The group primarily targets defense, aerospace, nuclear, and engineering entities to obtain sensitive and classified technical information and intellectual property to advance the regime’s military and nuclear programs and ambitions. The authoring agencies assess this group poses an ongoing threat to various industry sectors worldwide, including, but not limited to, entities in the United States, South Korea, Japan, and India. The group funds its espionage activity through ransomware operations against U.S. healthcare entities.