HACKING ACTIVITY OF SECTORA GROUP IN 2021
2022-03-28 • NSHC
https://redalert.nshc.net/2022/03/28/hacking-activity-of-sectora-group-in-2021/
North Korea-backed SectorA activity in 2021 targeted government bodies, public companies, North Korean defectors, related organizations, cryptocurrency exchanges, financial investment firms, medical institutions, and research organizations. The excerpt describes multiple subgroups using spear phishing, malicious HWP and Microsoft Word documents, LNK files, watering-hole activity, exposed IT-tool vulnerabilities, and supply-chain abuse of altered messenger programs. SectorA04 impersonated South Korea's Ministry of Unification in phishing against North Korea policy researchers, while SectorA05 used social-issue lures such as COVID-19, Biden administration themes, and North Korea policy topics. The campaign matters because the activity combined espionage collection on South Korean political and diplomatic issues with financially motivated targeting tied to overseas currency acquisition.