North Korean IT workers ‘have infiltrated Australian businesses’, experts warn

May Be Interested In:Fujifilm’s new stabilized binoculars deliver even more zoom


“As pressure has increased in the US, we have seen these IT workers shift their focus to other countries where employers are less familiar with this scheme and they are likely to meet less scrutiny,” Hultquist said.

Mandiant chief analyst John Hultquist.

“These North Koreans are legitimately skilled people in many cases, and they’re good at their jobs. And they’re IT workers, so they’re getting access to the most sensitive systems by virtue of their job.

“Our concern is that this is about as serious as a threat gets, and it’s a looming threat for Australia. And we can already see evidence that they’re operating in Australia.”

Hultquist did not name the Australian businesses. He said local human resources executives should be on high alert for remote workers using fraudulent or AI-generated identity documents to apply for roles.

“With most cyber threats, the advice is to get a certain device or block IP addresses,” he said.

“This is not that type of threat. The HR group has to change the way they hire, and post-COVID, there’s an increasing number of remote employees, and those employees in some cases are not getting the same scrutiny that they’ve had in the past.

Australia’s Department of Foreign Affairs and Trade has urged businesses to closely scrutinise identity verification documents for forgery.

Australia’s Department of Foreign Affairs and Trade has urged businesses to closely scrutinise identity verification documents for forgery.Credit: Getty Images

“They’re getting access to serious financial data, which puts them in a position to steal a lot of money, and they’re getting access to critical infrastructure, which leads to very real national security concerns.”

Australia’s Department of Foreign Affairs and Trade has issued an advisory alert about the issue, urging businesses to closely scrutinise identity verification documents for forgery, and conduct video interviews to verify a worker’s identity. The department said businesses that hire North Korean IT workers might be in breach of Australian government sanctions, which could lead to prison time for executives or heavy fines.

“DPRK IT workers deliberately obfuscate their identities, locations, and nationalities, typically using fake personas, proxy accounts, stolen identities and falsified or forged documentation to apply for jobs,” the department said.

Loading

“They target employers located in wealthier countries (including Australia), utilising a variety of mainstream and industry-specific freelance contracting, and social media and networking platforms.

“DPRK IT workers often take on projects that involve virtual currency. DPRK IT workers also use virtual currency exchanges and trading platforms to manage digital payments they receive for contract work as well as to launder these illicitly obtained funds back to the DPRK.”

Michael Barnhart, who heads Mandiant’s team tracking threats from North Korea, said that the “threat actors” have recently become more dangerous once they gain employment at Western organisations.

“We’re seeing IT workers follow through on releasing sensitive data of organisations they’ve infiltrated to pressure victims into paying exorbitant ransoms. They’re also demanding more cryptocurrency than they ever have before,” Barnhart said.

“We assess that the heightened media attention and ongoing government disruptions targeting their cyber operations this past year are forcing an escalation in their tactics.

“The latest indictments against key leaders of North Korea’s IT worker scheme represent an escalation from law enforcement agencies in disrupting these illicit operations … Revealing the individuals and calling out their locations also sends a message that they’re no longer anonymous pseudonyms in an unknown region.”

Get news and reviews on technology, gadgets and gaming in our Technology newsletter every Friday. Sign up here.

share Share facebook pinterest whatsapp x print

Similar Content

Los Angeles fires cause thousands to flee, NASA JPL closed
Los Angeles fires cause thousands to flee, NASA JPL closed
A photo of a woman meditating at home.
Eczema Patients Do Well With Self-Guided Cognitive Behavioral Therapy
What is Dinga Dinga, the ‘excessive body shaking’ that is in news? - Times of India
What is Dinga Dinga, the ‘excessive body shaking’ that is in news? – Times of India
Download app from appStore
Four fires grow, forcing more than 80,000 evacuations around L.A.
Suhana Khan's Red Dress Is Perfect For The Holiday Season - News18
Suhana Khan’s Red Dress Is Perfect For The Holiday Season – News18
A photo of taxis and an ambulance driving through Times Square in New York City.
Alzheimer’s Mortality Lowest for Taxi, Ambulance Drivers
Truth Unveiled: Behind the Global Headlines | © 2024 | Daily News