Dozens of Fortune 100 Companies Have Unwittingly Hired North Korean IT Workers (therecord.media)
- Reference: 0175140713
- News link: https://it.slashdot.org/story/24/09/27/0011212/dozens-of-fortune-100-companies-have-unwittingly-hired-north-korean-it-workers
- Source link: https://therecord.media/major-us-companies-unwittingly-hire-north-korean-remote-it-workers
> The remote workers "often gain elevated access to modify code and administer network systems," Mandiant found, warning of the downstream effects of allowing malicious actors into a company's inner sanctum. [...] Using stolen identities or fictitious ones, the actors are generally hired as remote contractors. Mandiant has seen the workers hired in a variety of complex roles across several sectors. Some workers are employed at multiple companies, bringing in several salaries each month. The tactic is facilitated by someone based in the U.S. who runs a laptop farm where workers' laptops are sent. Remote technology is installed on the laptops, allowing the North Koreans to log in and conduct their work from China or Russia.
>
> Workers typically asked for their work laptops to be sent to different addresses than those listed on their resumes, raising the suspicions of companies. Mandiant said it found evidence that the laptops at these farms are connected to a "keyboard video mouse" device or multiple remote management tools including LogMeIn, GoToMeeting, Chrome Remote Desktop, AnyDesk, TeamViewer and others. "Feedback from team members and managers who spoke with Mandiant during investigations consistently highlighted behavior patterns, such as reluctance to engage in video communication and below-average work quality exhibited by the DPRK IT worker remotely operating the laptops," Mandiant reported.
>
> In several incident response engagements, Mandiant found the workers used the same resumes that had links to fabricated software engineer profiles hosted on Netlify, a platform often used for quickly creating and deploying websites. Many of the resumes and profiles included poor English and other clues indicating the actor was not based in the U.S. One characteristic repeatedly seen was the use of U.S-based addresses accompanied by education credentials from universities outside of North America, frequently in countries such as Singapore, Japan or Hong Kong. Companies, according to Mandiant, typically don't verify credentials from universities overseas.
Further reading: [3]How Not To Hire a North Korean IT Spy
[1] https://therecord.media/major-us-companies-unwittingly-hire-north-korean-remote-it-workers
[2] https://cloud.google.com/blog/topics/threat-intelligence/mitigating-dprk-it-worker-threat
[3] https://it.slashdot.org/story/24/08/31/052207/how-not-to-hire-a-north-korean-it-spy
The only reason the world hasn't gone to shit (Score:2)
is that we didn't invent stupid. We're just more aware of our own more than the other other guy's.
For every one of these, there's the Russian Army supply depot that bought cheap shit Chinese truck tires that turn to dust, the Chinese nuclear submarine that sinks under construction, and the North Koreans can't even feed themselves.
Bullshit they know what they're doing (Score:2)
You're talking about getting a competent IT person for a fraction of the price. I'm sure they're more than happy to hire them. Sure it's a gamble it might be somebody who's trying to steal some company secrets but a lot of these companies don't really have any secrets worth stealing and it's easy enough to silo workers nowadays anyway.
The simplest background checks in the world would have set off dozens of red flags here and I'm sure that they were done and that they did and that the company ignored the
Basic steps ignored (Score:2)
Companies don't want to hire U.S. workers because they cost too much.
Companies seek out contractors.
Companies don't use humans to verify resume or CV, instead relying on software to filter candidates.
Companies can't be bothered to do a simple face-to-face interview of the contractors they hire.
Companies find out they've been hiring North Koreans.
Perhaps instead of trying to be efficient, companies could try to be thorough.
contractors are easier to fire, don't have max hou (Score:2)
contractors are easier to fire, don't have max hours rules, have no OT pay
Re: (Score:2)
I really wonder what fortune 500 company is not doing face-to-face interviews, even over zoom. Seems like this should be really easy to filter out.
Re: (Score:2)
> I really wonder what fortune 500 company is not doing face-to-face interviews, even over zoom. Seems like this should be really easy to filter out.
Every company that started to practice Diversity Equity and Inclusion (DEI) started to not do in person interviews in order to hide the race name photo of the person including voice changers to hide accents or other qualities to make the process more fair. My wife was on a DEI committee as the minute taker she stopped suggestions when they didn't listen. She quit it after seeing the results. My wife's now former company is now suffering badly with those hires all of those things also hid the body language t