The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released Tuesday a pair of Joint Technical Alerts detailing tools and infrastructure used by the North Korean government to conduct malicious cyber activity.
The activity noted in the alerts is part of a long-term campaign of cyber-enabled operations that target the media, aerospace, financial and critical infrastructure sectors and affect the U.S. Government and its citizens.
Earlier this year, DHS and FBI released a technical alert and malware analysis report (MAR) of a malware variant called DeltaCharlie used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure.
The U.S. Government refers to all of this North Korean malicious cyber activity as HIDDEN COBRA and publishes it on the National Cybersecurity and Communications Integration Center’s (NCCIC) U.S. Computer Emergency Readiness Team’s (US-CERT) website.
DHS recently said it is seeking to increase its collaboration across the globe and support increased public information sharing to address shared cyber threats.
DHS has urged entities that discover signs of this malicious cyber activity to report it to NCCIC or FBI through CyWatch or its local field offices.