About a week ago I posted about the N. Korean group Kimsuky (APT43) using new TTPs and malware. In case you missed it, the threat group is aligned with the North Korean government and target countries that the Democratic People’s Republic of Korea (DPRK) considers enemies. The group has been in operations since 2012 and targets healthcare, government, energy, and nuclear weapons research via espionage.
I say that to say this. The Korean National Police Agency (S. Korea) has released a report, without naming a particular threat group, suggesting that Kimsuky is behind a 2021 cyber attack. The Seoul National University Hospital was targeted and their internal network was infiltrated. The attack exposed data on 831,000 people, most were patients. The investigation took 2 years.