Today the U.S. Department of State, the Federal Bureau of Investigation, and the National Security Agency together with partners from the Republic of Korea Ministry of Foreign Affairs, National Police Agency, and National Intelligence Service are releasing a Cybersecurity Advisory  on social engineering and hacking threats posed by the DPRK cyber group known as Kimsuky. This Advisory is collaborative effort between our two governments and a concrete outcome of the U.S.-ROK Working Group on DPRK Cyber Threats.

Kimsuky, a set of DPRK cyber actors, conducts large-scale social engineering campaigns in which victims at think tanks, academic institutions, and news outlets are manipulated and compromised for the purpose of intelligence gathering.

This joint Cybersecurity Advisory provides detailed information on how Kimsuky actors operate, warning signs of spearphishing campaigns, and mitigation measures that can be implemented to enhance network security against Kimsuky operations.

If you believe you’ve been targeted by a DPRK spearphishing campaign by Kimsuky actors, please report the incident to  and reference #KimsukyCSA in the description.

U.S. Department of State

The Lessons of 1989: Freedom and Our Future