Company was hacked after accidentally hiring a North Korean cybercriminal

Since 2022, authorities and cyber defenders have warned of an increase in secret North Korean workers infiltrating Western companies.

The United States and South Korea accuse North Korea of ​​hiring thousands of employees to take on multiple well-paid Western roles remotely to make money for the regime and avoid sanctions.

In September, cybersecurity company Mandiant said dozens of Fortune 100 companies had accidentally hired North Koreans.

However, according to Rafe Pilling, Director of Threat Intelligence at Secureworks, it is rare for clandestine IT employees to target their employers with cyberattacks.

“This is a serious escalation of the risk of fraudulent North Korean IT employee programs,” he said.

“They are no longer just looking for a steady paycheck, but are quickly seeking larger amounts through data theft and corporate defense extortion.”

The case comes after another North Korean IT worker was caught trying to hack his employer in July.

The IT worker was hired by cyber company KnowBe4, which quickly blocked access to its systems when it noticed strange behavior.

“We advertised the position, received resumes, conducted interviews, conducted background checks, checked references, and hired the individual,” the company wrote in a blog post.

“We sent them their Mac workstation, and when they received it, it immediately started loading malware (malicious software).”

Authorities are warning employers to be vigilant about new hires working entirely remotely.