AI/ML, Identity, Distributed Workforce

KnowBe4 targeted by fake North Korean IT worker


SecurityWeek reports that Florida-based cybersecurity firm KnowBe4 was infiltrated last week by a North Korean hacker purporting to be a software engineer who was hired based on a deep-faked identity.

Within 25 minutes of receiving his Mac workstation, the North Korean operative, who used a VPN to conceal the location of the IT mule farm where the workstation was sent, leveraged a Raspberry Pi to facilitate malware downloads, session history file alterations, file transfers, and unauthorized software execution, according to KnowBe4 CEO Stu Sjouwerman. Sjouwerman noted that the compromise was immediately detected and averted and had not impacted the firm's systems.

Sjouwerman said the operation showed the hacker's "high level of sophistication in creating a believable cover identity, exploiting weaknesses in the hiring and background check processes, and attempting to establish a foothold" in the firm. The development comes more than two months after the U.S. arrested and charged individuals who helped North Korean IT workers posing as Americans obtain jobs across the country.
