Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Around 16.4m email accounts added to largest dataset of stolen credent...
DNS cache poisoning risk escalates as new BIND vulnerabilities impact ...
ICAC’s first-ever AI and technologies training in anti-corruptio...
Biometrics and the digital identity crisis today
6 practical steps to strengthening M&A cyber due diligence
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      Biometrics and the digital identity crisis today

      Biometrics and the digital identity crisis today

      Tuesday, October 28, 2025, 3:30 PM Asia/Singapore | Features
    • Featured

      Collaboration and data security for today’s agentic workspace

      Collaboration and data security for today’s agentic workspace

      Wednesday, October 22, 2025, 1:42 PM Asia/Singapore | Features, Tips
    • Featured

      The AI paradox in cybersecurity

      The AI paradox in cybersecurity

      Wednesday, October 15, 2025, 11:24 AM Asia/Singapore | Features, Newsletter
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

News

Report: North Korea expanding remote IT worker operations in APAC and globally

By CybersecAsia editors | Wednesday, April 2, 2025, 3:03 PM Asia/Singapore

Report: North Korea expanding remote IT worker operations in APAC and globally

Latest findings from the Google Threat Intelligence Group (GTIG) on North Korea remote workers find operations shifting sights from the US to Europe and APAC. 

You must already have heard or read about IT workers from North Korea (DPRK) posing as legitimate remote workers to infiltrate companies and generate revenue for the regime.

Since GTIG’s last report analyzing the DPRK IT worker threat, crackdowns in the US have meant that these workers have found it increasingly challenging to seek and maintain employment in the country. 

GTIG has identified an increase of active operations globally, particularly in Europe and APAC, over the past few months, suggesting that this threat is no longer limited to the US. The map below illustrates the countries impacted by DPRK IT workers:

GTIG’s findings include the following analyses:

  • Targeting of defense industrial bases and European governments: In late 2024, GTIG identified a DPRK IT worker operating at least 12 personas across Europe and the US. This individual sought employment with multiple companies, particularly within defense industrial bases and European governments.
  • Falsification of identities: DPRK IT workers’ tactics included fabricated references, rapport-building with recruiters, and using their own fake personas to vouch for credibility. In their efforts to secure these positions, they falsely claimed nationalities from a diverse set of countries, including Italy, Japan, Malaysia, Singapore, Ukraine, the United States, and Vietnam. The identities utilized were a combination of real and fabricated personas.
  • New tactics include escalating extortion efforts: Since late October 2024, DPRK IT workers have significantly increased extortion attempts. Recently fired workers have threatened to leak proprietary data and source code to competitors. While these efforts initially targeted smaller organizations, law enforcement crackdowns have pushed them to go after larger enterprises with higher ransom demands.

Dr Jamie Collier, Lead Threat Intelligence Advisor, Europe, Google Threat Intelligence Group, commented: “A decade of diverse cyberattacks (encompassing SWIFT targeting, ransomware, cryptocurrency theft, and supply chain compromise), precedes North Korea’s latest surge. This relentless innovation demonstrates a longstanding commitment to fund the regime through cyber operations. Given DPRK IT workers’ operational success, North Korea will likely broaden its global reach. With APAC already impacted by these operations, this problem is set to escalate. These campaigns thrive on ignorance and will likely enjoy particular success in areas of APAC with less awareness of the threat.” 

Share:

PreviousThailand’s NCSA collaborates with Google Cloud for AI-powered cyber defense  
NextDahua Technology Releases 2024 ESG Report: Pioneering Sustainable Innovation for a Smarter, Greener Future

Related Posts

2019: A year of frantic ransomware evolution

2019: A year of frantic ransomware evolution

Thursday, May 28, 2020

Will India’s new cybersecurity mandates spur investments at last?

Will India’s new cybersecurity mandates spur investments at last?

Monday, January 4, 2021

Nine DevSecOps secret scanning tools to keep the bad guys at bay

Nine DevSecOps secret scanning tools to keep the bad guys at bay

Tuesday, April 26, 2022

Cybersecurity report shows a third of respondents did not monitor ICS/OT threats

Cybersecurity report shows a third of respondents did not monitor ICS/OT threats

Wednesday, November 2, 2022

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • HOSTWAY gains 73% operational efficiency for private cloud operations  

    HOSTWAY gains 73% operational efficiency for private cloud operations  

    With NetApp storage solutions, the Korean managed cloud service provider offers a lean, intelligent architecture, …Read more
  • CISOs can navigate emerging risks from autonomous AI with a new security framework

    CISOs can navigate emerging risks from autonomous AI with a new security framework

    See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
  • MoneyMe strengthens fraud prevention and credit decisioning

    MoneyMe strengthens fraud prevention and credit decisioning

    Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
  • PT Kereta Api Indonesia announces nationwide email and communication overhaul

    PT Kereta Api Indonesia announces nationwide email and communication overhaul

    The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.