On Jan. 30, the U.S. Department of Justice revealed a secret operation to disrupt and uncover the Joanap botnet—one of North Korea’s tools for inflicting technological mayhem around the world. The FBI’s strategy, which in part turns on notifying users infected with the malware, underscores critical lessons about how cybersecurity awareness can serve U.S. national security goals and protect companies from damaging cyberattacks.

For at least a decade, the Joanap botnet, which North Korean actors propagated using a malware strain referred to as “Brambul,” has wreaked havoc around the world and in the United States. In 2018, US-CERT, a Department of Homeland Security entity responsible for disseminating cyberthreat information, warned that the malware combination had been targeting numerous industries, “including the media, aerospace, financial, and critical infrastructure sectors.” What’s more, in a detailed criminal complaint filed against North Korean citizen Park Jin Hyok, U.S. authorities linked the Brambul malware to North Korean actors dubbed “Lazarus Group”—the same group associated with the hack of Sony, the WannaCry ransomware and massive financial thefts.