The DPRK group’s attempts to exfiltrate data and install RMM tools by posing as US IT workers is one of several examples that show cross-domain analysis is needed to tackle rising identity-based attacks, according to CrowdStrike’s counter adversary team, as the company reels in the worldwide outage’s wake.
Yeah, if I had just fucked over the world to the tune of $1 billion, I’d probably be deflecting attion to threats other than me too.