Finding technological talent has become a career with more expected obstacles. For many companies, expanding their teams is no longer just a matter of publishing an offer: it is to deal with processes that often lengthen and with the possibility of not having chosen the right person. And when, finally, an incorporation is closed, the high rotation of the sector threatens to return everything to the starting point.
But what many companies probably do not imagine is that, without knowing, they could be hiring North Korean cybercounts. This threat, which began to gain strength in the United States, has begun to spread. According to Google Threat Intelligence Group (GTIG), the environment has become more hostile for these actors in US territory, and are now displacing their attention to Europe.
A threat in Europe. GTIG details the case of one of the workers linked to North Korea, whose modus operandi reflects the usual pattern of this type of operations. This individual used at least 12 different identities to run for jobs in Europe and the United States. In addition, it resorted to other identities controlled by himself to provide false references and gain credibility to recruiters.
List of countries affected by North Korea’s workers
Objective companies. Although the range of companies that hire IT profiles is broad, North Korean actors have focused their efforts on very specific sectors: above all, companies linked to the industrial defense base and government agencies. To achieve this, they took advantage of the rise of remote work and infiltrated false identities carefully prepared to overcome security filters.
Income for North Korea. Every time the North Korean regime exhibits a new military advance, the same question returns: Where do you really finance it? Although the data on their economy are scarce and deeply opaque, it is clear that international sanctions have been trying for years trying the warlike machinery of one of the most isolated and hermetic countries on the planet.
There are several investigations that point to at least two revenues for the country led by Kim Jong-un. One of them is the theft of cryptocurrencies: North Korean attackers have perfected their techniques and now hit high -value international objectives. The other is the deployment of false workers, such as the one we are seeing at this time, to carry out data theft and extortion practices.
Not only attempts. Real cases. Although there is no exact figure of false workers hired by European companies, the GTIG notes that it has detected a diverse portfolio of projects in the United Kingdom executed by employees linked to North Korea. Among them include web developments, bots, content management systems (CMS), advanced artificial intelligence and applied blockchain technology.
Images | Tai bui | WorldOfSoftware with chatgpt
In WorldOfSoftware | North Korea’s military tactics that prevents defections. Pyongyang’s “trick” to maintain the loyalty of his army
