From Laptop Farms to Ransomware

The report describes North Korea’s expanding cyber operations to generate revenue, detailing the arrest of a U.S. individual who hosted a “laptop farm” that enabled DPRK IT workers to infiltrate American and British companies under stolen identities and launder funds. It also highlights APT45’s shift from espionage to financially motivated activity, leveraging fake IT hires to gain access, deploy malware, and conduct ransomware attacks, illustrating a broader, ongoing campaign targeting organizations across critical sectors.