0 attributed CVEs
41 ATT&CK techniques
0.0 IDF score (tooling uniqueness)
0 exclusive CVEs
— years active
About this actor
[Higaisa](https://attack.mitre.org/groups/G0126) is a threat group suspected to have South Korean origins. Higaisa has targeted government, public, and trade organizations in North Korea; however, they have also carried out attacks in China, Japan, Russia, Poland, and other nations. Higaisa was first disclosed in early 2019 but is assessed to have operated as early as 2009. (Citation: Malwarebytes Higaisa 2020) (Citation: Zscaler Higaisa 2020) (Citation: PTSecurity Higaisa 2020)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | | | | | |
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
| SI-4 | 27 / 41 | 66% |
| CM-2 | 25 / 41 | 61% |
| CM-6 | 25 / 41 | 61% |
| SI-3 | 25 / 41 | 61% |
| CA-7 | 20 / 41 | 49% |
| CM-7 | 20 / 41 | 49% |
| AC-4 | 16 / 41 | 39% |
| SC-7 | 15 / 41 | 37% |
| SI-7 | 13 / 41 | 32% |
| SI-10 | 12 / 41 | 29% |
| AC-3 | 11 / 41 | 27% |
| AC-6 | 11 / 41 | 27% |
| SI-2 | 10 / 41 | 24% |
| AC-2 | 9 / 41 | 22% |
| RA-5 | 8 / 41 | 20% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- Frankenstein 0.38
- Darkhotel 0.34
- Sidewinder 0.34
- Tropic Trooper 0.33
- RedDelta Modified PlugX Infection Chain Operations 0.33