North Korea Threat Landscape Update

Jan 24, 2024

Guest

Sherrod DeGrippo

Guest

Matthew Kennedy

Guest

Greg Schloemer

Sherrod DeGrippo, Greg Schloemer, and Matthew Kennedy discuss North Korean cyber operations, emphasizing their persistence, adaptability, and revenue generation through cryptocurrency theft. They explore the actions of the Lazarus group and its impact on North Korean cyber operations. The speakers also highlight Diamondsleet's software supply chain attack and the success of the Jade Sleet group in cryptocurrency thefts. They discuss North Korea's mindset of evolution, diverse techniques employed in cyber operations, and challenges of laundering stolen money. The speakers share their interests in cybersecurity and hope for regular updates on North Korea.

Ask episode

Chapters

Transcript

Episode notes

Introduction

00:00 • 3min

The Unique Actions of the Lazarus Group and their Impact on North Korean Cyber Operations

03:25 • 2min

Attention for North Korean Cyber Activities and Recent Tactics of Diamondsleet

05:19 • 4min

The Evolution and Success of the Jade Sleet Group in North Korean Cyber Operations

09:11 • 2min

North Korean Cyber Operations: Evolution over Revolution

11:36 • 21min

Priorities in Cybersecurity and Hope for Regular Updates on North Korea

32:45 • 2min

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Greg Schloemer and Matthew Kennedy. Sherrod, Greg, and Matthew discuss North Korean cyber operations, highlighting the unique aspects that set North Korea apart, emphasizing North Korea's persistence, adaptability, and the blending of APT and cybercrime elements, mainly focusing on revenue generation through activities like cryptocurrency theft. The discussion touches on the notorious Lazarus group, known for the Sony Pictures attack and WannaCry, and how their actions captured global attention. Sherrod, Greg, and Matthew also share personal insight into why they're drawn to this particular area of cybersecurity, offering listeners a unique perspective on the motivations and passions driving those at the forefront of defending our digital world.

In this episode you’ll learn:

The evolution of North Korean cyber operations
How cryptocurrency theft is used as a means to support the state
North Korea's unique approach to cyber operations and strategic evolution over time

Some questions we ask:

How much work have you put into becoming a blockchain and cryptocurrency expert?
What challenges arise in defending against these specific software supply chain attacks?
Why are you interested in working on North Korea-related cybersecurity?

Resources:

View Greg Schloemer on LinkedIn

View Matthew Kennedy on LinkedIn

View Sherrod DeGrippo on LinkedIn

Diamond Sleet supply chain compromise distributes a modified CyberLink installer

Related Microsoft Podcasts:

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.