The United States has warned of a cyber attack by a North Korean hacking group known as “Kimsuky.”
The Federal Bureau of Investigation(FBI), Cybersecurity and Infrastructure Security Agency(CISA) and U.S. Cyber Command(USCC) issued the warning to the private sector.
The agencies said the hackers engaged in advanced persistent threat(APT) and tend to run intelligence-gathering intrusions against targets in South Korea, Japan and the U.S., focusing on nuclear, deterrence and foreign policy issues concerning the Korean Peninsula.
The alert said the hackers typically approach victims by pretending to be a journalist arranging an interview, then sending spearphishing emails and watering holes to trick them into giving up information.
The U.S. said Kimsuky’s operations, which have been active since at least 2012, are “most likely tasked by the North Korean regime.”