We may earn commissions if you use the recommended services on this site.  

Impersonation by North Korean Cyber Group: A Case Study of a Washington D.C. Analyst

Latest Business News

Impersonation Tactics by North Korean Cyber Group: A Case Study

Six years ago, a prominent researcher, Jenny Town, experienced a cyber attack that resulted in her computer being hacked. As a leading expert on North Korea at the Stimson Institute, Town's work relies on open-source intelligence and publicly available data to analyze North Korean dynamics. However, the hackers, known as APT43 or KimSuky, were not solely interested in classified information. They used the popular remote-desktop tool TeamViewer to gain access to Town's computer and extract information about her colleagues, field of study, and contact list. This data was then used to create a digital doppelganger of Town, enabling the hackers to gather intelligence remotely.

Targeting High-Profile Personalities for Intelligence Collection

APT43, a unit of North Korea's intelligence services, targets high-profile individuals to collect intelligence. With North Korea lacking diplomatic relations with the U.S., hacking into government systems becomes a crucial avenue for obtaining intelligence. The group's tactics involve social engineering, such as sending fake emails pretending to be Town or her staff, in order to establish relationships with prominent researchers and analysts.

Expanding Influence and Ties to Cryptocurrency Laundering

The group behind Town's clone has been linked to cryptocurrency laundering operations and influence campaigns, indicating a broader scope of their activities. They have targeted not only Town but also other academics and researchers, highlighting the extent of their operations.

Challenges and Awareness

While the tactic of impersonation still works, increased awareness has made it less effective than before. Older, less tech-savvy academics who may overlook domains or email discrepancies remain the most susceptible victims. Additionally, when the real individuals attempt to warn potential victims about the impersonation, they often face disbelief and resistance. In a peculiar turn of events, Town's colleague initially doubted her warnings and even asked the impersonator if they were a North Korean spy. The impersonator, of course, affirmed their identity. However, after heeding Town's advice, the colleague eventually broke off contact with the impersonator, who then apologized and blamed the confusion on "Nk hackers." In conclusion, the case study of North Korean cyber group impersonation serves as a reminder of the ongoing threats posed by sophisticated hacking tactics. It highlights the need for individuals, especially high-profile personalities, to remain vigilant and exercise caution when interacting online. As cybersecurity awareness continues to grow, it is crucial for individuals and organizations to stay informed and take necessary precautions to protect against such impersonation attempts.


The case of North Korean cyber group APT43 impersonating a prominent researcher underscores the significant cybersecurity threats that new businesses face. The group's tactics, which include social engineering and creating digital doppelgangers, highlight the sophistication of modern cyber threats.

Implications for New Businesses

For new businesses, this case serves as a stark reminder of the importance of robust cybersecurity measures. Businesses, particularly those with high-profile individuals, must remain vigilant and proactive in protecting their digital assets and communications.
Strategic Considerations
As the tactics of cybercriminals evolve, so too must the defenses of businesses. This includes not only investing in advanced cybersecurity technologies but also fostering a culture of cybersecurity awareness within the organization. Regular training and education can help employees recognize and respond to potential threats. In conclusion, the tactics of APT43 highlight the evolving nature of cyber threats and the need for businesses to stay ahead of these challenges. As new businesses navigate the digital landscape, understanding and addressing such threats will be crucial to their security and success.
Story First Published at: https://www.cnbc.com/2023/09/18/how-a-north-korean-cyber-group-impersonated-a-washington-dc-analyst.html
Brought to you by BusinessFormation.io
Know Your State's Registered Agent Requirements: What is a Registered Agent
Learn How To Create An LLC: What Is An LLC and How To Start an LLC Online

LLC Filing & Registered Agent Services

Compare Online LLC Filing Services Today

We work with the market leaders in business formation and registered agent services.

Getting started is simple and inexpensive. Form your business today & secure your brand name before someone beats you to it! Click below to view the Top 3 Best LLC and registered agent service providers.
View Top 3 Providers Now

Filing An LLC Can Be Complicated

Streamline Your LLC Filing Online for $39

Northwest Registered Agent is the best-rated service for first time filers.

Get professional LLC formation & registered agent services for only $39 + state filing fee. This offers includes your full LLC setup, plus a private business address, lifetime support, and more.

Trusted by Millions. Save 82% Today.