Slick Phish & Cartoon Animals
Contents
DCO COBRA and SOSSEC - CYBER TALK
February 16, 2023
Presenter: Mandiant
Event Title: Mandiant Intelligence –
Current Foreign State Cyber & Cryptocurrency Operations
Panel Presenters:
Mr. Andy DeFazio, Mandiant DoD & IC
Mr. Mike Barnhart, DPRK Operations, Principal Analyst,
Strategic Intelligence and Government
Mr. Joseph Dobson, Crypto Operations, Principal Analyst,
Strategic Intelligence and Government
©2022 Mandiant
Slick Phish & Cartoon Animals
Insights Into North Korea’s Cyber & Cryptocurrency Operations
Michael “Barni” Barnhart
Joseph “Joe” Dobson
Principal Analyst, Strategic Intelligence & Government
Principal Analyst, Strategic Intelligence & Government
©2022 Mandiant
Agenda
• Structure of DPRK Cyber Programs
• DPRK Ransomware & Targeting of Healthcare
• DPRK Cyber Espionage Operations
•
Targeting of journalists, policymakers, & dissidents
• DPRK & Cryptocurrency/Web3
•
•
•
•
•
Heists
Phishing
Cryptocurrency laundering & masking funds
Cryptojacking
“IT Worker” Threat
©2022 Mandiant
3
Who Are We?
• Michael Barnhart
• Joseph Dobson
©2022 Mandiant
4
Example journalist question on human rights: Is there an effective way
to broach this topic with North Korea in a way that satisfies rights
advocates, which will be necessary for gaining bipartisan support in the
United States for any eventual agreement, …
February 16, 2023
Presenter: Mandiant
Event Title: Mandiant Intelligence –
Current Foreign State Cyber & Cryptocurrency Operations
Panel Presenters:
Mr. Andy DeFazio, Mandiant DoD & IC
Mr. Mike Barnhart, DPRK Operations, Principal Analyst,
Strategic Intelligence and Government
Mr. Joseph Dobson, Crypto Operations, Principal Analyst,
Strategic Intelligence and Government
©2022 Mandiant
Slick Phish & Cartoon Animals
Insights Into North Korea’s Cyber & Cryptocurrency Operations
Michael “Barni” Barnhart
Joseph “Joe” Dobson
Principal Analyst, Strategic Intelligence & Government
Principal Analyst, Strategic Intelligence & Government
©2022 Mandiant
Agenda
• Structure of DPRK Cyber Programs
• DPRK Ransomware & Targeting of Healthcare
• DPRK Cyber Espionage Operations
•
Targeting of journalists, policymakers, & dissidents
• DPRK & Cryptocurrency/Web3
•
•
•
•
•
Heists
Phishing
Cryptocurrency laundering & masking funds
Cryptojacking
“IT Worker” Threat
©2022 Mandiant
3
Who Are We?
• Michael Barnhart
• Joseph Dobson
©2022 Mandiant
4
Example journalist question on human rights: Is there an effective way
to broach this topic with North Korea in a way that satisfies rights
advocates, which will be necessary for gaining bipartisan support in the
United States for any eventual agreement, …