About this episode
In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Proofpoint’s Greg Lesnewich and Microsoft’s Greg Schloemer to share the unique threat posed by North Korea’s (DPRK) state-sponsored cyber activities. The Gregs discuss their years of experience tracking North Korean cyber actors and the distinct tactics that set DPRK apart from other nation-sponsored threats. The conversation also explores North Korea’s high stakes, as DPRK threat actors operate under intense pressure from government handlers, adding a layer of urgency and fear to their operations. They share insights into North Korea’s aggressive use of stolen cryptocurrency to fund the regime’s initiatives, like ballistic missile tests, and discuss the broader geopolitical impact. In this episode you’ll learn:
The technical sophistication and the relentlessness of DPRK cyber tactics
Complex motives behind funding and sustaining the North Korean government
The training and skills development of North Korean cyber operators
Some questions we ask:
How do North Korean threat actors set up their relay networks differently?
What sets North Korea apart from other nation-sponsored threat actors?
How do North Korean cyber actors differ from traditional e-crime actors?
Resources: View Greg Schloemer on LinkedIn View Greg Lesnewich on LinkedIn View Sherrod DeGrippo on LinkedIn Blog links: Citrine Sleet Observed Exploiting Zero Day New North Korean Threat Actor Identified as Moonstone Sleet East Asia Threat Actor Technique Report Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at
