North Korea appears to ramp up cyberattacks against some U.S. organizations within weeks after new sanctions are imposed or existing ones are enforced, a report by the RAND Corporation published earlier this month suggests. Researchers said they analyzed phishing attacks against RAND attributed to the DPRK-linked Kimsuky group over the course of two years, and found a high correlation between sanctions activity and attempts to trick RAND staff into clicking malicious links.

“Anything  related  to  sanctions — whether  new  ones  are  imposed,  removal  of  existing  ones  is  denied  in  negotiations,  or  violations  of  existing  ones  are  claimed