

Validating your security program performance against these behaviors is vital to reducing risk. Lazarus Group's most notorious campaign occurred in November 2014, when the group conducted a large-scale destructive attack against Sony Pictures Entertainment (SPE), which was notable due to the substantial penetration through the network, the large amount of exfiltrated data, and the use of a wiper to erase all forensic evidence.

AttackIQ has released six new attack graphs emulating the actor's historical campaigns to help customers validate their security controls and their ability to defend against this group.
Lazarus Group, also known as Hidden Cobra, is a state-sponsored adversary attributed to the Reconnaissance General Bureau (RGB) of the Democratic People's Republic of Korea (DPRK), and has been active since at least 2009. The Lazarus Group is composed of at least two subgroups, known as Andariel and BlueNoroff, and has notable overlaps with the adversaries known as APT37 and Kimsuky. Lazarus Group's main motivations are theft of proprietary information, espionage, sabotage, and destruction. The group first came to media attention in 2013, following a series of coordinated attacks against South Korean media and financial entities using the wiper known as DarkSeoul.

Adversary Emulation

Emulating the Highly Sophisticated North Korean Adversary Lazarus Group

Published January 5, 2023

AttackIQ has released a bundle of content consisting of six new attack graphs that seek to emulate the campaigns and operations led by the infamous North Korean-sponsored adversary Lazarus Group against entities worldwide across multiple sectors.
