The FBI and the departments of State, Homeland Security and the Treasury have issued a guidance on malicious North Korean cyber activities and courses of action that organizations should take to address such threats.
The Cybersecurity and Infrastructure Security Agency said Wednesday that the U.S. government also plans to award up to $5M to informants of illicit North Korean cyberspace operations targeting U.S. financial institutions, critical infrastructure and government networks.
North Korea has also “increasingly relied on illicit activities” such as cybercrime to gain revenue for its ballistic missile and weapons of mass destruction programs, according to the advisory.
“The [Democratic People’s Republic of Korea] has the capability to conduct disruptive or destructive cyber activities affecting U.S. critical infrastructure,” the guidance states. “It is vital for the international community, network defenders, and the public to stay vigilant and to work together to mitigate the cyber threat posed by North Korea.”
FBI, DHS and the State and Treasury departments recommend organizations to raise awareness of North Korean cyber threats, share relevant information, implement cybersecurity best practices, notify law enforcement in the event of an attack and strengthen compliance with anti-money laundering and terrorism regulations.