A company recently found itself in a difficult situation when it accidentally hired a North Korean IT employee, who later stole sensitive data and attempted to extort money from the company after being fired. . according to BBCThe unnamed firm, based in the UK, US and Australia, hired the North Korean cybercriminal after falsifying her employment history and personal details. He was hired as a contractor over the summer and worked for the firm for four months. Once he had access to the company’s computer network, he downloaded sensitive company data and sent a ransom demand.
BBC The man was reported to have used the firm’s remote working tools to log into the corporate network. Then as soon as he gained access to internal systems, he secretly downloaded as much company data as possible.
Once the company fired him for poor performance, he received emails allegedly containing some stolen data and demanded payment of a six-figure sum in cryptocurrency. If the company did not pay, the hacker said he would publish or sell the stolen information online.
The company did not want to reveal its name. It was also not disclosed whether he paid the ransom or not. However, the firm allowed Secureworks’ cyber responders to report the hack to spread awareness and warn others.
Secureworks reported that the incident is the latest in a series of cases of Western remote workers being exposed as North Koreans. Once hired, these cybercriminals use their employee’s access to download sensitive company data. In some cases, they use the data to extort money from their former employers.
Read this also Organ donor in US wakes up on operating table as doctors prepare to remove his heart
Cybersecurity officials are warning about a rise in North Korean infiltrators by 2022. The US and South Korea have also accused North Korea of assigning thousands of workers to perform many well-paid Western roles remotely in order to make money for the regime and avoid sanctions. However, according to Rafe Pilling, director of threat intelligence at SecureWorks, it is rare for undercover IT employees to launch cyberattacks on their employers.
“This is a serious increase in the risk from fraud in North Korean IT worker schemes,” Mr Pilling was quoted as saying. BBC“They are no longer just after a steady pay check, they are looking for larger sums of money, more quickly, from inside the company’s security, through data theft and extortion.”
Officials have warned employers to be cautious about taking on new hires if they are fully remote.