FBI claims North Korean workers are hacking the US companies which hired them

Date:
Fri, 24 Jan 2025 17:08:00 +0000

Description:
Advice to counter state-backed threat actors turning on your business from within is also just generally sound recruiting advice.

FULL STORY ======================================================================
- The FBIs missive follows three previous ones in as many years
- Statement is aimed at educating businesses and warding off domestic collaborators
- Suggested remedies include employing endpoint protection on computer
systems and checking applications for typos and unusual nomenclature

The FBI has claimed North Korean IT workers are extorting US companies which have hired them by leveraging their access to steal source code.

In a statement , the agency warned domestic and international firms employees turned threat actors, facilitate cyber-criminal activities and conduct revenue-generating activity using stolen data on behalf of the regime.

It recommended endpoint protection , and monitoring network logs to identify where data has been compromised across easily accessible means like shared internal drives and cloud storage drives.

FBI guidance on remote hiring processes

The FBI also recommended a litany of actions that all amount to taking care
to know who youre hiring, which sounds like good practice even if youre not especially worried about unwittingly hiring a threat actor.

It recommended stringent identity verification processes throughout the recruitment process and cross-checking applicants details against that of others in the pile, and across different HR systems.

It also claimed these applicants are using AI tools to obfuscate their identities, but, if true, offered little advice to counter them beyond conducting recruitment processes in person; which isnt always possible.

The agency also suggested recruiters ask applicants soft questions about
their whereabouts and identity, but wed suggest that this is good practice
all round too.

North Korean IT workers have been a target of the FBI for some time, having released separate guidance in 2022 , 2023 , and 2024 . In the latter, it expressed concern that US-based individuals were, knowingly or unknowingly, helping facilitate state-sponsored threat actors by setting up US-based infrastructure such as front addresses and businesses.

======================================================================
Link to news story: https://www.techradar.com/pro/security/fbi-claims-north-korean-workers-are-hac king-the-us-companies-which-hired-them

$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)