International Hackers Targeting HR Departments In Sophisticated, Long-game Cyber Attacks

Businesses are facing a triple threat. In recent years, cyber attacks have evolved and become more sophisticated, coinciding with the rise of remote and hybrid work, as well as advancements in Artificial Intelligence (AI). This has created an urgent need to improve vetting processes within HR departments across the workforce. 

HCA Mag reports on a recent example of how sophisticated security threats have become, where a North Korean operative posed as an IT worker to infiltrate security awareness training provider KnowBe4 using a stolen U.S. identity. Although Stu Sjowerman, CEO of KnowBe4, stated no illegal access or data exfiltration occurred, the incident highlights vulnerabilities in hiring and background check processes, showing that companies should reassess their security frameworks in-case of any potential threats.  

Sjouwerman disclosed that the fake employee managed to bypass four video conference-based interviews and other standard pre-employment checks to secure a position as a principal software engineer.  

This sophisticated scheme involved the poser assuming a cleverly fabricated identity that fooled hiring protocols designed to weed out such threats. 

A similar case took place over the course of three years. According to the U.S. Justice Department, an Arizona-based woman named Christina Chapman helped North Korean IT and other foreign-based IT workers — who posed as U.S. citizens and residents — in a scheme that landed them work at over 300 U.S. firms. The effort resulted in at least $6.8 million in revenue to be generated for overseas IT workers.  

The hacker in KnowBe4’s breach belonged to a well-organized, state-sponsored criminal ring equipped with extensive resources.  

HCA Mag reports that Sjouwerman is urging other organizations to improve their defenses against similar threats by implementing stricter remote device scans, verifying physical locations of employees, and scrutinizing resumes for inconsistencies. He further advised employing more rigorous video interview practices and flagging discrepancies in shipping addresses for work equipment. 

Cyber threats are expected to become even more sophisticated in the coming years, making it more important than ever to ensure data security in an increasingly interconnected world. This has also led most organizations to embrace Zero-trust security polices, where network security is always assumed to be at risk.