In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Proofpoint’s Greg Lesnewich and Microsoft’s Greg Schloemer to share the unique threat posed by North Korea’s (DPRK) state-sponsored cyber activities. The Gregs discuss their years of experience tracking North Korean cyber actors and the distinct tactics that set DPRK apart from other nation-sponsored threats. The conversation also explores North Korea’s high stakes, as DPRK threat actors operate under intense pressure from government handlers, adding a layer of urgency and fear to their operations. They share insights into North Korea’s aggressive use of stolen cryptocurrency to fund the regime’s initiatives, like ballistic missile tests, and discuss the broader geopolitical impact.  

In this episode you’ll learn:      

• The technical sophistication and the relentlessness of DPRK cyber tactics 


• Complex motives behind funding and sustaining the North Korean government 


• The training and skills development of North Korean cyber operators 

Some questions we ask:     

• How do North Korean threat actors set up their relay networks differently? 


• What sets North Korea apart from other nation-sponsored threat actors? 


• How do North Korean cyber actors differ from traditional e-crime actors? 

Resources:  

View Greg Schloemer on LinkedIn  

View Greg Lesnewich on LinkedIn 

View Sherrod DeGrippo on LinkedIn  

Blog links: 

Citrine Sleet Observed Exploiting Zero Day 

New North Korean Threat Actor Identified as Moonstone Sleet 

East Asia Threat Actor Technique Report 

Related Microsoft Podcasts:                   

• 
  Afternoon Cyber Tea with Ann Johnson 


• 
  The BlueHat Podcast 


• 
  Uncovering Hidden Risks     

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Get the latest threat intelligence insights and guidance at Microsoft Security Insider 

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.