Blurred Lines: Evolving Tactics of North Korean Cyber Threat Actors
Seongsu Park
DEF CON 33 · Day 1 · Main Stage
In his DEF CON talk, "Blurred Lines: Evolving Tactics of North Korean Cyber Threat Actors," Seongsu Park, a Staff Threat Researcher at Gscaler, delves into the increasingly complex landscape of North Korean state-sponsored cyber operations. Drawing on over a decade of experience tracking these elusive groups, Park highlights the significant challenges faced by threat intelligence professionals in accurately attributing cyberattacks. The presentation goes beyond traditional malware analysis, emphasizing the need for a comprehensive, full-context approach to understand the dynamic nature of these adversaries.
AI review
Solid, practitioner-grade threat intel from someone who has clearly spent years in the weeds on DPRK attribution — not just aggregating public reporting but catching infrastructure misconfigs and tracking tool lineage across multi-year campaigns. The Andariel/Kimsuky handoff case and the Pebble Dash cross-attribution story are the kind of operational detail that separates real tracking work from recycled OSINT.