[kibwen]

The reason that North Korea targets IT roles in particular is precisely because they're the weak link in zero-trust implementations. Someone, somewhere, has the unfettered rights to access the production database, and they're in the IT department.

[mgiampapa]

If not production, they can usually read all the backups, DR systems, logging telemetry, legal discovery systems etc...