IssueMakersLab statistics cited by Boannews tracked suspected North Korean cyberattack activity from 2004 through 2021 and found it grew from five cases in 2004 to more than 300 times that level by 2021. The dataset includes activity attributed to Lazarus, Kimsuky, and other North Korean state-linked organizations across South Korea and global targets. The article describes shifts from early military intelligence theft and DDoS operations to destructive attacks, defense and critical-infrastructure espionage, SWIFT and ATM intrusions, cryptocurrency exchange targeting, and later DeFi/NFT-related theft. 2020 stood out for increased collection against government and North Korea-related personnel, COVID-19-related pharmaceutical and institutional targets, and cryptocurrency entities. The source emphasizes that recent activity around a South Korean government transition included reconnaissance and information-theft attempts against officials and related experts.