Most companies, especially technology companies, follow a strict selection process to hire new staff. However, the security company KnowBe4 overlooked a crucial detail and ended up unknowingly hiring a North Korean hacker.
This cybercriminal posed as a software engineer and, although the attacker used false identities, managers have recognized that heThe individual managed to bypass all their filters and access a position in the company.
North Korean hacker managed to deceive a cybersecurity company
The hacker, apparently, used very sophisticated techniques to conceal his true identity, even using a photo that was edited with artificial intelligence. After passing all the interviews and evaluations, he was hired by KnowBe4. He then asked to work from home and have his workstation shipped to an address that turned out to be a laptop farm.
But it wasn’t until he tried to infiltrate the company’s network that his true intention came to light. It was discovered that the «simple engineer» used a VPN to hide his location and aimed to inject malware into the system using a Raspberry Pi. The company notified the incident to the FBI, which is now handling the investigation.
This incident highlights the importance of taking extreme precautions in hiring processes, especially in cybersecurity companies. KnowBe4 has acknowledged flaws in its protocols and has announced that it will strengthen its security measures and background checks. He also states that no personal data or information was compromised.
It is essential that companies, especially those that handle sensitive information, implement robust recruitment systems that can verify the authenticity of identity documents and information provided by candidates.
In addition, investigate the work and academic history of the candidates, looking for possible inconsistencies or warning signs, as well as implement technical and security tests that evaluate people’s skills and knowledge, as well as their behavior.
The FBI is already investigating this case, although it is not yet known if they have managed to arrest the North Korean hacker.. Without a doubt, this type of situation reveals how vulnerable even a company that is dedicated to protecting others can be, which underlines the need to further strengthen security measures in all areas.
Get to know how we work in NoticiasVE.
Tags: hackers, Cybersecurity