{"id":14861,"date":"2024-10-22T09:01:12","date_gmt":"2024-10-22T07:01:12","guid":{"rendered":"https:\/\/cyberinsights.iainfraser.net\/?p=14861"},"modified":"2024-11-21T13:36:48","modified_gmt":"2024-11-21T12:36:48","slug":"alert-nk-state-actors","status":"publish","type":"post","link":"https:\/\/smecyberinsights.co.uk\/index.php\/2024\/10\/22\/alert-nk-state-actors\/","title":{"rendered":"STATE ACTORS: SKILLS GAP – NK Hackers exploiting Cyber Skills Shortage to blag jobs"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\"CYBERInsights\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t
Image Credit: IfOnlyCommunications\/AI<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\"nordvpn\"<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

CYBER Insights – Helping Keep Small Business CYBERSafe!<\/strong>
\nGibraltar: Monday\u00a0 21 October 2024 at 11:00 CEST<\/p>\n

STATE ACTORS: SKILLS GAP – NK Hackers exploiting Cyber Skills Shortage to blag SME Cybersecurity Jobs.\u00a0<\/b>
\nBy: Iain Fraser – Cybersecurity Journalist<\/a>
\nCYBERInsights\/<\/a>THREATIntel
\nFirst for\u00a0SME Cyber News & Intel<\/a>
\n#CyberInsights #CyberSecurity #CyberMedia #CyberPR #CyberAwareness #CyberSkillsShortage #SME #SmallBusiness #smallbusinessowner\u00a0 <\/em>#StateActors #MSP\u00a0 #CloudGuard<\/em><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

\n\t\t\t\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

North Korean Hackers<\/strong> have increasingly been using fake identities to secure jobs as IT<\/strong> and Cybersecurity<\/strong> professionals in Western companies, including the UK<\/strong>, as part of their broader strategy to launch Cyberattacks<\/strong> and steal data. In several reported cases, these hackers have successfully infiltrated businesses by falsifying their credentials and posing as legitimate job applicants. Once hired, they exploit their access to internal systems to exfiltrate sensitive data, disrupt operations, or even extort their employers for ransom.<\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t
<\/div>\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

One well-known instance involved a North Korean<\/strong> Hacker<\/strong> hired by a US-based Fortune 500 company, which discovered the breach only after the hacker had downloaded sensitive data and demanded a six-figure ransom in Cryptocurrency<\/strong>. This case underscores how North Korean<\/strong> Cyber<\/strong> operatives often use forged identities to infiltrate companies, sometimes even assuming multiple personas to apply for different roles at the same company\u200b<\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"CYBERInsights\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

Precautions for Small Business Owners:<\/strong>
\nTo protect against such threats, Small Business<\/strong> owners should adopt several key practices when hiring Remote<\/strong> or IT<\/strong> personnel:<\/p>\n

Thorough Background Checks:<\/strong>
\nVerify<\/strong> the applicant\u2019s credentials, including past employment, references, and educational background. Be wary of inconsistencies, such as novice language skills despite claims of extensive experience.<\/p>\n

Video Interviews:<\/strong>
\nAlways conduct video interviews to ensure the applicant matches their profile photo. Pay attention to irregularities, such as attempts to avoid using the camera or strange behaviours during the call.<\/p>\n

Monitor Financial Requests:<\/strong>
\nBe cautious of employees who frequently request changes to payment details, such as bank accounts, or who want payments routed through digital wallets.<\/p>\n

Restrict Access:<\/strong>
\nLimit new hires\u2019 access to sensitive systems until their reliability is established. This can mitigate the damage in case the hire turns out to be fraudulent.<\/p>\n

Use Monitoring Tools:<\/strong>
\nImplement monitoring software to detect unusual network activity, such as accessing data outside normal business hours or from foreign IP addresses.<\/p>\n

By employing these steps, Small Businesses<\/strong> can reduce the risk of hiring malicious actors and protect their digital assets from State-sponsored<\/strong> threats.<\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLearn More \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\"Selecting\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t
<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

Looking to select an MSP? Introducing CloudGuard<\/a>, a leading Microsoft security automation specialist and Managed Security Services Provider (MSSP)<\/strong><\/p>\n

Make managing your Small Business Cybersecurity<\/a> simple and stress-free.<\/strong>
\n
\nCloudGuard<\/strong><\/a> help SME Business Owners<\/strong> automate manual effort, remove complexity, solve talent gaps, and reduce operational costs with our 24\/7 Managed Security Services. From their new SOC<\/strong> (Security Operations Centre) in Manchester they provide\u00a0 24x7x365<\/strong> Cybersecurity<\/strong> expertise to SMEs<\/strong> (Small and Medium-sized Enterprises)\u00a0 that often lack the resources and talent to build and manage their own SOC<\/strong> teams effectively.\u00a0Assess Your Cybersecurity Now<\/a> | Get Free Advice from CloudGuard<\/a><\/strong><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Image Credit: IfOnlyCommunications\/AI Learn More \/…<\/p>\n","protected":false},"author":1,"featured_media":14864,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"cybocfi_hide_featured_image":"","footnotes":""},"categories":[516,561],"tags":[562,517],"ppma_author":[415],"class_list":["post-14861","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyberawareness","category-breach-alert","tag-breachalert","tag-cyberawareness"],"featured_image_urls":{"full":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/NKHacker_IfOnly_AI.jpg",1344,768,false],"thumbnail":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/NKHacker_IfOnly_AI-150x150.jpg",150,150,true],"medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/NKHacker_IfOnly_AI-300x171.jpg",300,171,true],"medium_large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/NKHacker_IfOnly_AI-768x439.jpg",640,366,true],"large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/NKHacker_IfOnly_AI-1024x585.jpg",640,366,true],"1536x1536":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/NKHacker_IfOnly_AI.jpg",1344,768,false],"2048x2048":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/NKHacker_IfOnly_AI.jpg",1344,768,false],"covernews-featured":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/NKHacker_IfOnly_AI-1024x585.jpg",1024,585,true],"covernews-medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/NKHacker_IfOnly_AI-540x340.jpg",540,340,true]},"author_info":{"display_name":"Cybersecurity Journalist Iain Fraser","author_link":false},"category_info":"SME CYBER AWARENESS<\/a> BREACH ALERT<\/a>","tag_info":"BREACH ALERT","comment_count":"0","authors":[{"term_id":415,"user_id":0,"is_guest":1,"slug":"cybersecurity-journalist-iain-fraser","display_name":"Cybersecurity Journalist - Iain Fraser","avatar_url":{"url":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png","url2x":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png"},"0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/14861","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/comments?post=14861"}],"version-history":[{"count":38,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/14861\/revisions"}],"predecessor-version":[{"id":14988,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/14861\/revisions\/14988"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media\/14864"}],"wp:attachment":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media?parent=14861"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/categories?post=14861"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/tags?post=14861"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/ppma_author?post=14861"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}