Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Cybersecurity tool sprawl: when too many cooks spoil the soup!
Sasken Partners with VicOne to Deliver End-to-End Automotive Cybersecu...
Ricoh named in TIME World’s Best Companies of 2025 for employee ...
SU Group Holdings Receives Notice of Delisting from Nasdaq Due to Mini...
Fescaro, TUV Nord join forces on auto cybersecurity compliance
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      Cybersecurity tool sprawl: when too many cooks spoil the soup!

      Cybersecurity tool sprawl: when too many cooks spoil the soup!

      Monday, September 22, 2025, 5:16 PM Asia/Singapore | Features, Newsletter
    • Featured

      Combating the surge in Asia Pacific credential abuse and ransomware

      Combating the surge in Asia Pacific credential abuse and ransomware

      Wednesday, September 17, 2025, 5:06 PM Asia/Singapore | Features
    • Featured

      The rise of digital wallets: What businesses in APAC need to know

      The rise of digital wallets: What businesses in APAC need to know

      Tuesday, September 2, 2025, 1:59 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

News

Report: North Korea expanding remote IT worker operations in APAC and globally

By CybersecAsia editors | Wednesday, April 2, 2025, 3:03 PM Asia/Singapore

Report: North Korea expanding remote IT worker operations in APAC and globally

Latest findings from the Google Threat Intelligence Group (GTIG) on North Korea remote workers find operations shifting sights from the US to Europe and APAC. 

You must already have heard or read about IT workers from North Korea (DPRK) posing as legitimate remote workers to infiltrate companies and generate revenue for the regime.

Since GTIG’s last report analyzing the DPRK IT worker threat, crackdowns in the US have meant that these workers have found it increasingly challenging to seek and maintain employment in the country. 

GTIG has identified an increase of active operations globally, particularly in Europe and APAC, over the past few months, suggesting that this threat is no longer limited to the US. The map below illustrates the countries impacted by DPRK IT workers:

GTIG’s findings include the following analyses:

  • Targeting of defense industrial bases and European governments: In late 2024, GTIG identified a DPRK IT worker operating at least 12 personas across Europe and the US. This individual sought employment with multiple companies, particularly within defense industrial bases and European governments.
  • Falsification of identities: DPRK IT workers’ tactics included fabricated references, rapport-building with recruiters, and using their own fake personas to vouch for credibility. In their efforts to secure these positions, they falsely claimed nationalities from a diverse set of countries, including Italy, Japan, Malaysia, Singapore, Ukraine, the United States, and Vietnam. The identities utilized were a combination of real and fabricated personas.
  • New tactics include escalating extortion efforts: Since late October 2024, DPRK IT workers have significantly increased extortion attempts. Recently fired workers have threatened to leak proprietary data and source code to competitors. While these efforts initially targeted smaller organizations, law enforcement crackdowns have pushed them to go after larger enterprises with higher ransom demands.

Dr Jamie Collier, Lead Threat Intelligence Advisor, Europe, Google Threat Intelligence Group, commented: “A decade of diverse cyberattacks (encompassing SWIFT targeting, ransomware, cryptocurrency theft, and supply chain compromise), precedes North Korea’s latest surge. This relentless innovation demonstrates a longstanding commitment to fund the regime through cyber operations. Given DPRK IT workers’ operational success, North Korea will likely broaden its global reach. With APAC already impacted by these operations, this problem is set to escalate. These campaigns thrive on ignorance and will likely enjoy particular success in areas of APAC with less awareness of the threat.” 

Share:

PreviousThailand’s NCSA collaborates with Google Cloud for AI-powered cyber defense  
NextDahua Technology Releases 2024 ESG Report: Pioneering Sustainable Innovation for a Smarter, Greener Future

Related Posts

Will you be a prey on Valentine’s Day?

Will you be a prey on Valentine’s Day?

Monday, February 12, 2024

RaaS group adds pentesting tool to their arsenal

RaaS group adds pentesting tool to their arsenal

Tuesday, July 19, 2022

Despite exponentially rising email fraud threats, DMARC adoption lags in the largest firms

Despite exponentially rising email fraud threats, DMARC adoption lags in the largest firms

Wednesday, February 26, 2025

Tips to reduce cyber risks during your year-end travels and online activities

Tips to reduce cyber risks during your year-end travels and online activities

Monday, November 20, 2023

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • CISOs can navigate emerging risks from autonomous AI with a new security framework

    CISOs can navigate emerging risks from autonomous AI with a new security framework

    See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
  • MoneyMe strengthens fraud prevention and credit decisioning

    MoneyMe strengthens fraud prevention and credit decisioning

    Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
  • PT Kereta Api Indonesia announces nationwide email and communication overhaul

    PT Kereta Api Indonesia announces nationwide email and communication overhaul

    The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more
  • Operationalizing sustainability in cybersecurity: Group-IB’s approach

    Operationalizing sustainability in cybersecurity: Group-IB’s approach

    See how the firm turned malware-group takedowns into measurements of sustainability and resilience gains: by …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.