The DPRK group’s attempts to exfiltrate data and install RMM tools by posing as US IT workers is one of several examples that show cross-domain analysis is needed to tackle rising identity-based attacks, according to CrowdStrike’s counter adversary team, as the company reels in the worldwide outage’s wake.