Connect with us

Hi, what are you looking for?

Notes On Wealth CreationNotes On Wealth Creation

Tech News

Company hacked after accidentally hiring North Korean cyber criminal

A company was hacked after it hired a North Korean cyber criminal posing as an IT contractor.

The unnamed company fell victim to a new North Korean hacking tactic, according to cybersecurity company Secureworks, which investigated the incident.

A North Korean cyber criminal posing as an IT contractor was hired for a fixed-term contract by the firm, which is based either in the UK, US or Australia.

Secureworks is keeping the company’s location general in order to protect the company.

Within days of starting work, the criminal “accessed and exfiltrated company data”, according to Rafe Pilling, who is the director of threat intelligence at Secureworks.

Then, when the employment contract was finished, the criminal used the hacked data “to demand a hefty ransom in return for not publishing” it, said Mr Pilling.

This is a new tactic for the North Korean regime, which was already trying to sneak its workers into UK companies.

“It is almost certain that UK firms are currently being targeted by [North Korean] IT workers disguised as freelance third-country IT workers to generate revenue for the DPRK regime,” said an advisory note published by the government’s Office of Financial Sanctions Implementation (OFSI) last month.

UK companies that hire these workers could be breaching the “significant” sanctions currently placed on North Korea, according to OFSI.

Although it is thought those workers’ salaries were being used to fund the North Korean regime, this latest incident, and others like it, mark “a serious escalation” of risk for companies, said Mr Pilling.

“No longer are [the fake workers] just after a steady paycheck, they are looking for higher sums, more quickly, through data theft and extortion, from inside the company defences,” he said.

UK companies should protect themselves from these kinds of attacks by being on “high alert”, he said.

OFSI published a list of tell-tale signs that a new contractor is not who they say they are and is, in fact, an agent for the North Korean government.

Some of those include being inconsistent with the spelling of their name, their nationality, location, experience and online presence or refusing to appear on camera.

Mr Pilling said companies should monitor for long pauses if they do appear on camera for job interviews and OFSI warns that people who request prepayment but then fail to complete tasks, or just generally fail to do the job, could also be suspicious.

Attempts to re-route corporate IT equipment sent to the contractor’s home, routing paychecks to money transfer services and accessing the corporate network with unauthorised remote access tools should also be red flags.

This post appeared first on sky.com

You May Also Like

Investing News

Falco Resources Ltd. (TSX-V: FPC) (‘ Falco ‘ or the ‘ Corporation ‘) is delighted with citizen participation in the immersive public workshop which...

Stock News

We had a sneak preview of emerging leadership on the morning of July 12th. That was the morning the June Core CPI came in...

Investing News

Trading resumes in: Company: Rua Gold Inc. CSE Symbol:RUA All Issues: Yes Resumption (ET): 8:00 AM CIRO can make a decision to impose a...

Investing News

Ramp Metals Inc. (TSXV: RAMP) (‘Ramp Metals’ or the ‘Company’) is pleased to announce a non-brokered private placement financing of up to approximately $4,500,000...