The Bundesamt für Verfassungsschutz (BfV) of the Federal Republic of Germany and the National Intelligence Service (NIS) of the Republic of Korea (ROK) are issuing a second Joint Cyber Security Advisory (CSA) to raise awareness of cyber campaigns highly likely carried out by cyber actors of North Korea against the defense sector targeting companies and research centers.

The Democratic People’s Republic of Korea (DPRK) puts high emphasis on military strength and focuses on the theft of advanced defense technologies from targets around the world. The BfV and NIS assess that the regime is using the military technologies to modernize and improve the performance of conventional weapons and to develop new strategic weapon systems including reconnaissance satellites and submarines. DPRK increasingly uses cyber espionage as a cost-effective means to obtain military technologies.

This Joint CSA details DPRK’s tactics, techniques and procedures (TTPs) and Indicators of Compromise (IoCs) as well as it introduces two representative cases of intrusions into facilities of the defense sector.