Summary: A comprehensive study by independent researcher Ovie reveals the significant and targeted cyber threats aimed at civil society organizations (CSOs) in South Korea, particularly those advocating for human rights and North Korean issues. The research highlights the sophisticated methods employed by North Korean and Chinese-backed threat actors, including spear-phishing and advanced malware. It concludes with a call for enhanced cybersecurity measures and support for affected activists and organizations.
Affected: South Korean civil society organizations (CSOs)
Keypoints :
- Nation-state-backed cyber actors frequently target CSOs in South Korea, particularly activists and journalists focused on North Korea.
- Three major threat actors identified: APT37 (Reaper), Kimsuky (Velvet Chollima), and UCID902, employing tactics such as credential theft and advanced malware.
- Research emphasizes the urgent need for improved cybersecurity measures and resource allocation for CSOs to counter these persistent threats.
Source: https://securityonline.info/south-korean-csos-under-cyberattack-3-year-study/