ICT・通信障害・サイバー攻撃 | 脅威 | 災害の芽を摘む – saigai.me

North Korea Cyber Threat Overview and Advisories
North Korea mapThis page provides an overview of the Cybersecurity and Infrastructure Security Agency’s (CISA's) assessment of the North Korean government’s malicious cyber activities. The U.S. Government (USG) refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. The overview leverages publicly available, open-source intelligence and information regarding this threat. This page also includes a complete list of related CISA publications, many of which are jointly authored with other U.S. government agencies (Note: unless specifically stated, neither CISA nor the U.S. Government attributed specific activity described in the referenced sources to North Korean government actors). Additionally, this page provides instructions on how to report related threat activity.

The North Korean government—officially known as the Democratic People’s Republic of Korea (DPRK)—employs malicious cyber activity to collect intelligence, conduct attacks, and generate revenue.[1],[2] Recent advisories published by CISA and other unclassified sources reveal that North Korea is conducting operations worldwide. According to the U.S. Office of the Director of National Intelligence 2021 Annual Threat Assessment, "North Korea’s cyber program poses a growing espionage, theft, and attack threat." Specifically, the Assessment states, "North Korea has conducted cyber theft against financial institutions and cryptocurrency exchanges worldwide, potentially stealing hundreds of millions of dollars, probably to fund government priorities, such as its nuclear and missile programs."[3]

【参考】CISA: North Korea Cyber Threat Overview and Advisories