Re: Training
Good idea, sending training phish emails, in fact why not check and see if these Korean infrastructural attack phish emails could have been sent by someone under false attribution. There are nation state ‘fake-other nation state” malware tools around.
From my reading of the actual South Korean news about their steadily improving relations with North Korea, that’s the sort of counter-narrative news that might definitely result in some sort of ‘anti’ news from your local centralised intelligence agents.
Bigging up the foreign threat bigly = continue big budget times $$$