AI/ML, Identity, Distributed Workforce

KnowBe4 targeted by fake North Korean IT worker

North Korea flag with circuitry and fingerprint

(Adobe Stock Images)

SecurityWeek reports that Florida-based cybersecurity firm KnowBe4 was infiltrated last week by a North Korean hacker purporting to be a software engineer who was hired based on a deep-faked identity.

Within 25 minutes of having received his Mac workstation, the North Korean operative — who used VPN to conceal the location of the IT mule farm where the workstation was sent — leveraged Raspberry Pi to facilitate malware downloads, session history file alterations, file transfers, and unauthorized software execution, according to KnowBe4 CEO Stu Sjouwerman, who noted that the compromise, which was immediately detected and averted, had not impacted the firm's systems.

Such an operation was regarded by Sjouwerman to have shown the hacker's "high level of sophistication in creating a believable cover identity, exploiting weaknesses in the hiring and background check processes, and attempting to establish a foothold" in the firm. The development comes more than two months after the U.S. arrested and charged individuals who helped North Korean IT workers posing as Americans obtain jobs across the country.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Related

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Basic AuthenticationBiometricsBring Your Own Device (BYOD)Certificate-Based AuthenticationChallenge-Handshake Authentication Protocol (CHAP)Digest AuthenticationDigital CertificateDiscretionary Access Control (DAC)

You can skip this ad in 5 seconds