The DPRK group’s attempts to exfiltrate data and install RMM tools by posing as US IT workers is one of several examples that show cross-domain analysis is needed to tackle rising identity-based attacks, according to CrowdStrike’s counter adversary team, as the company reels in the worldwide outage’s wake.
How long before companies start using this as an excuse for return to office?
Sure, you’ve been working here since before the pandemic, but maybe now you’re a North Korean spy! The only way to be sure is for you to come into the office and average 4 days a week.