Title: North Korean Cyber Criminal Hired as Remote IT Worker Hacks Company, Demands Ransom
A company based in the UK, US, or Australia fell victim to a cyber attack after unknowingly hiring a North Korean cyber criminal as a remote IT worker. The hacker, who falsified his employment history and personal details, gained access to the company’s computer network and downloaded sensitive data before demanding a ransom.
The incident, uncovered by cyber responders from Secureworks, sheds light on a growing trend of North Korean workers infiltrating western companies. Since 2022, authorities have warned about the rise of secret North Korean workers taking on remote roles to earn money for the regime and evade sanctions.
Rafe Pilling, Director of Threat Intelligence at Secureworks, emphasized the seriousness of the situation, stating that fraudulent North Korean IT workers are now seeking higher sums through data theft and extortion. This case marks a significant escalation in the risk posed by such schemes.
In a similar incident in July, another North Korean IT worker attempted to hack their employer, prompting the cyber company KnowBe4 to disable access to their systems. Employers are being urged to exercise caution when hiring remote workers and to remain vigilant against potential cyber threats.
As the threat of cyber attacks continues to evolve, companies must prioritize cybersecurity measures to protect their sensitive data and prevent falling victim to malicious actors.
