September 24, 2024 at 08:05AM
Amid rising exposure to North Korean moles seeking US IT roles, Mandiant provides tips for spotting them. These include diligent background checks, scrutinizing emails and resumes for inconsistencies, and employing measures such as biometric identity verification and video interviews. Additionally, they advise monitoring network traffic, tracking laptop serial numbers, and using hardware-based MFA protocols to detect potential fraudulent workers.
Based on the meeting notes, the key takeaways for employers when hiring for IT roles include:
1. Performing appropriate due diligence by scouring the web for common data points and email addresses provided by job applicants to identify potential fraudulent profiles.
2. Recognizing indicators of multiple identities, as some North Korean workers may attempt to apply for multiple roles across various companies to exploit the US job market.
3. Mandating comprehensive background checks, including biometric identity verification and notarized proof of identity, to identify or deter fraudulent applicants.
4. Demanding that interviewees turn on their cameras during video calls to verify their identity against the provided photo and training HR departments to spot common themes among North Korean fraudulent applicants, including detecting AI-altered images.
5. Identifying fraudulent resumes by looking for discrepancies such as listing a US address as their home while reporting attending an overseas university, which may raise concerns about the application’s legitimacy.
6. Recognizing common indicators of a fraudulent resume, such as discrepancies in education background and doctored profile images likely stolen from public LinkedIn profiles.
7. Implementing technical tools to identify potential rogue workers, such as monitoring network traffic from devices, questioning the use of IP-based KVM devices and remote management apps, and verifying laptop serial numbers during onboarding.
These takeaways emphasize the importance of thorough screening and verification processes to identify and deter potential North Korean agents seeking IT roles in the US.