Priya PatelTLDR:
– A security firm hired a remote employee who turned out to be a North Korean hacker
– The hacker infected the company’s laptop with malware, but no data was compromised
Security firm experiencing nightmare after learning remote employee is North Korean hacker
A digital security firm was shocked to discover that one of its remote workers was actually a North Korean hacker. The employee, who was hired as a software engineer for the company’s internal IT AI team, infected the company’s Mac workstation with malware as soon as it was received. The company stressed that no illegal access was gained and no data was lost or compromised.
Attempts to follow up with the remote employee were met with silence, leading the company to believe that the individual was part of a well-organized, state-sponsored hacking group with extensive resources. The incident highlighted the need for more robust vetting and security measures in remote hiring and monitoring.
The situation occurred as the U.S. State Department indicted a North Korean national who was part of a cyber group responsible for hacking U.S. hospitals and healthcare providers. The group, known as Andariel and controlled by the DPRK’s military intelligence agency, installed ransomware on the systems of these organizations and extorted ransoms.
The FBI was successful in seizing online accounts used by the hacking group and recovering more than $600,000 in proceeds from ransomware attacks, which will be returned to the victims. The Justice Department has brought multiple criminal cases related to North Korean hacking in recent years, focusing on the profit-driven motives behind these activities.
