Security biz KnowBe4 hired fake North Korean techie, who got straight to work … on evil

July 24, 2024 at 01:07AM

KnowBe4, a security awareness and training provider, inadvertently hired a fake North Korean IT worker for a software engineering role. Despite thorough background checks, the new hire got through on a fake identity and attempted to load malware onto his company-provided computer. KnowBe4’s security software detected the malware, and the FBI has been alerted. This infiltration highlights the need for vigilant vetting and monitoring of remote access devices.

Key takeaways:

– KnowBe4 hired a fake North Korean IT worker who used a stolen US-based ID and a stock photo modified with AI to fake their identity for a software engineering role on its AI team.
– Despite conducting video interviews, confirming that the candidate’s appearance matched a photo, and running background checks, the faker was hired and received a Mac workstation, which immediately started to load malware.
– KnowBe4’s security software detected the malware, leading to an investigation that uncovered the faker’s manipulation of session history files, transfer of potentially harmful files, and execution of unauthorized software.
– The FBI has been alerted, and KnowBe4’s CEO suggested monitoring devices that offer remote access and better vetting of candidates’ locations to avoid similar incidents in the future.
– The scam involves fake workers being paid well and sending a large amount to North Korea to fund illegal programs, and the fake employee’s laptop was likely sent to an “IT mule laptop farm” in North Korea or China.
– This infiltration is a surprising revelation from a company specializing in security awareness and training.
– The company’s transparency was praised by the Infosec community, highlighting the idea that if it can happen to a security awareness company, it can happen to anyone.
