Connect with us

Hi, what are you looking for?

Tech

Company hacked after accidentally hiring North Korean cyber criminal

A company was hacked after it hired a North Korean cyber criminal posing as an IT contractor.

The unnamed company fell victim to a new North Korean hacking tactic, according to cybersecurity company Secureworks, which investigated the incident.

A North Korean cyber criminal posing as an IT contractor was hired for a fixed-term contract by the firm, which is based either in the UK, US or Australia.

Secureworks is keeping the company’s location general in order to protect the company.

Within days of starting work, the criminal “accessed and exfiltrated company data”, according to Rafe Pilling, who is the director of threat intelligence at Secureworks.

Then, when the employment contract was finished, the criminal used the hacked data “to demand a hefty ransom in return for not publishing” it, said Mr Pilling.

This is a new tactic for the North Korean regime, which was already trying to sneak its workers into UK companies.

“It is almost certain that UK firms are currently being targeted by [North Korean] IT workers disguised as freelance third-country IT workers to generate revenue for the DPRK regime,” said an advisory note published by the government’s Office of Financial Sanctions Implementation (OFSI) last month.

UK companies that hire these workers could be breaching the “significant” sanctions currently placed on North Korea, according to OFSI.

Although it is thought those workers’ salaries were being used to fund the North Korean regime, this latest incident, and others like it, mark “a serious escalation” of risk for companies, said Mr Pilling.

“No longer are [the fake workers] just after a steady paycheck, they are looking for higher sums, more quickly, through data theft and extortion, from inside the company defences,” he said.

UK companies should protect themselves from these kinds of attacks by being on “high alert”, he said.

OFSI published a list of tell-tale signs that a new contractor is not who they say they are and is, in fact, an agent for the North Korean government.

Some of those include being inconsistent with the spelling of their name, their nationality, location, experience and online presence or refusing to appear on camera.

Mr Pilling said companies should monitor for long pauses if they do appear on camera for job interviews and OFSI warns that people who request prepayment but then fail to complete tasks, or just generally fail to do the job, could also be suspicious.

Attempts to re-route corporate IT equipment sent to the contractor’s home, routing paychecks to money transfer services and accessing the corporate network with unauthorised remote access tools should also be red flags.

This post appeared first on sky.com

    You May Also Like

    Stocks

    In this episode of StockCharts TV‘s The MEM Edge, Mary Ellen reviews what’s shaping up in the broader markets after the Fed announced their rate cut...

    Tech

    Consumer rights group Which? is suing Apple for £3bn over the way it deploys the iCloud. If the lawsuit succeeds, around 40 million Apple...

    Tech

    Battle lines have been drawn between the almost 200 countries meeting in Azerbaijan as they seek to agree a new pot of money to...

    Tech

    Meta has lowered the minimum age to use the popular messaging platform WhatsApp. The move, which came into effect on Thursday, reduces the age...

    Disclaimer: globalwashingtonwebinar.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

    Copyright © 2024 globalwashingtonwebinar.com | All Rights Reserved