Threat Intelligence, AI/ML

North Korean IT infiltrations expected to persist

North Korean remote IT worker scam

Security researchers at the recent Cyberwarcon conference in Washington, D.C., detailed North Korea’s increasing use of fraudulent IT workers to infiltrate multinational corporations and funnel earnings to the North Korean regime while conducting corporate data theft to support the country’s nuclear weapons program, TechCrunch reports.

According to the experts, these hackers create fake identities using AI-powered tools such as face-swapping and voice-changing technology to pose as remote workers. Hundreds of companies globally have unknowingly hired North Korean operatives, with only a few acknowledging such breaches. Facilitators within the United States help circumvent sanctions by managing company-issued laptops and enabling remote access.

North Korea’s cyber efforts extend beyond corporate infiltration. Groups like “Ruby Sleet” target aerospace and defense firms to steal technology for military applications, while “Sapphire Sleet” deploys malware to compromise cryptocurrency wallets, stealing at least $10 million within six months. Despite existing sanctions and law enforcement efforts, the persistence of these campaigns underscores the need for companies to enhance employee vetting processes and remain vigilant against cyber threats. Researchers warn that these tactics are unlikely to disappear in the near future.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds