Florida IT security firm unknowingly hires North Korean hacker

 Florida IT security firm unknowingly hires North Korean hacker

An IT security company from Florida inadvertently hired a North Korean hacker in July, who posed as a Western technician. The incident raises questions about security and hiring practices in the industry.

Key Insights

  • A North Korean hacker was hired as a Western technician.
  • The hacker used a stolen identity during the application process.
  • The incident was only discovered after several background checks and video interviews.
  • The US government has been warning about such threats since May 2022.

The Incident

In July, an IT security company from Clearwater, Florida, unknowingly hired a North Korean hacker as a software engineer. The hacker used a stolen identity and went through several background checks and video interviews before the fraud was discovered.

Reactions and Measures

Roger Grimes, a data-driven defence expert at KnowBe4, the affected company, expressed shock at the incident. “It was just unbelievable that we were targeted,” said Grimes. The company has now begun to revise its hiring procedures to prevent similar incidents in the future.

Expert Opinions

Paul Vann and Justin Marciano, the founders of the West Coast-based IdentifAI, a platform for detecting deep fakes, emphasised the dangers of such attacks. “If a cybersecurity company that serves other cybersecurity companies is exploited, it can cause many problems,” said Vann. Marciano added that the technique used was real-time and therefore particularly difficult to detect.

Future Threats

The US government had already warned in May 2022 about the increasing threat posed by deep fake technology. Experts like Vann and Marciano expect that such technologies will increasingly be used for fake job scams in the future. KnowBe4 is using the incident as a teaching moment to implement better hiring protocols.

Conclusion

The incident highlights the importance of having robust security measures and thorough checks in the hiring process. Companies must remain vigilant and continuously evolve to counter such threats.

Sources