STATE ACTORS: SKILLS GAP – NK Hackers exploiting Cyber Skills Shortage to blag jobs
admin October 22, 2024CYBER Insights – Helping Keep Small Business CYBERSafe!
Gibraltar: Monday 21 October 2024 at 11:00 CEST
STATE ACTORS: SKILLS GAP – NK Hackers exploiting Cyber Skills Shortage to blag SME Cybersecurity Jobs.
By: Iain Fraser – Cybersecurity Journalist
CYBERInsights/THREATIntel
First for SME Cyber News & Intel
#CyberInsights #CyberSecurity #CyberMedia #CyberPR #CyberAwareness #CyberSkillsShortage #SME #SmallBusiness #smallbusinessowner #StateActors #MSP #CloudGuard
North Korean Hackers have increasingly been using fake identities to secure jobs as IT and Cybersecurity professionals in Western companies, including the UK, as part of their broader strategy to launch Cyberattacks and steal data. In several reported cases, these hackers have successfully infiltrated businesses by falsifying their credentials and posing as legitimate job applicants. Once hired, they exploit their access to internal systems to exfiltrate sensitive data, disrupt operations, or even extort their employers for ransom.
One well-known instance involved a North Korean Hacker hired by a US-based Fortune 500 company, which discovered the breach only after the hacker had downloaded sensitive data and demanded a six-figure ransom in Cryptocurrency. This case underscores how North Korean Cyber operatives often use forged identities to infiltrate companies, sometimes even assuming multiple personas to apply for different roles at the same company
Precautions for Small Business Owners:
To protect against such threats, Small Business owners should adopt several key practices when hiring Remote or IT personnel:
Thorough Background Checks:
Verify the applicant’s credentials, including past employment, references, and educational background. Be wary of inconsistencies, such as novice language skills despite claims of extensive experience.
Video Interviews:
Always conduct video interviews to ensure the applicant matches their profile photo. Pay attention to irregularities, such as attempts to avoid using the camera or strange behaviours during the call.
Monitor Financial Requests:
Be cautious of employees who frequently request changes to payment details, such as bank accounts, or who want payments routed through digital wallets.
Restrict Access:
Limit new hires’ access to sensitive systems until their reliability is established. This can mitigate the damage in case the hire turns out to be fraudulent.
Use Monitoring Tools:
Implement monitoring software to detect unusual network activity, such as accessing data outside normal business hours or from foreign IP addresses.
By employing these steps, Small Businesses can reduce the risk of hiring malicious actors and protect their digital assets from State-sponsored threats.
Looking to select an MSP? Introducing CloudGuard, a leading Microsoft security automation specialist and Managed Security Services Provider (MSSP)
Make managing your Small Business Cybersecurity simple and stress-free.
CloudGuard help SME Business Owners automate manual effort, remove complexity, solve talent gaps, and reduce operational costs with our 24/7 Managed Security Services. From their new SOC (Security Operations Centre) in Manchester they provide 24x7x365 Cybersecurity expertise to SMEs (Small and Medium-sized Enterprises) that often lack the resources and talent to build and manage their own SOC teams effectively. Assess Your Cybersecurity Now | Get Free Advice from CloudGuard