Company was hacked after accidentally hiring a North Korean cybercriminal | Science and technology news

A company was hacked after hiring a North Korean cybercriminal posing as an IT contractor.

The unnamed company fell victim to a new one North Korean According to cybersecurity firm Secureworks, which investigated the incident, it was a hacking tactic.

A North Korean cybercriminal posing as an IT contractor was hired on a fixed-term contract by the company based in the UK, US or Australia.

Secureworks generally maintains the company’s location to protect the company.

According to Rafe Pilling, director of threat intelligence at Secureworks, the criminal “accessed and exfiltrated company data” within days of starting work.

Then, when the employment contract expired, the criminal took advantage chopped Data “demanding a large ransom in return for non-publication,” Mr. Pilling said.

This is a new tactic from the North Korean regime, which has already tried to infiltrate its workers into British companies.

“It is almost certain that British companies are currently being targeted [North Korean] “IT employees are disguised as freelance IT workers from third countries to generate revenue for the DPRK regime,” said an advisory released last month by the government’s Office of Financial Sanctions Implementation (OFSI).

OFSI says UK companies hiring these workers could be in breach of the “significant” sanctions currently imposed on North Korea.

Read more from Sky News:
AI-generated child pornography is increasing at a “frightening” rate
Budget 2024: What could the Chancellor announce?
Mayor bans cactus plants in buildings

Although these workers’ salaries are believed to have been used to finance the North Korean regime, this latest incident and other similar incidents represent a “serious escalation” of risk to companies, Mr. Pilling said.

“That doesn’t exist anymore [the fake workers] Shortly after receiving a steady paycheck, they seek larger amounts more quickly through data theft and extortion within corporate defense,” he said.

British companies should protect themselves from such attacks by being on “high alert,” he said.

OFSI released a list of tell-tale signs that a new contractor is not who he claims to be but is actually an agent of the North Korean government.

Some of these include discrepancies in the spelling of their name, nationality, location, experience and online presence, or refusal to appear on camera.

Mr Pilling said companies should be wary of long pauses when appearing on camera for interviews, and OFSI warns that people who ask for an upfront payment but then fail to complete their tasks or simply don’t do their job could also be suspicious .

Attempts to redirect corporate IT equipment sent to the contractor’s home, route paychecks to money transfer services, and access the corporate network using unauthorized remote access tools should also be red flags.