- Google’s threat intelligence group has identified more DPRK threats
- North Korean computer pirates are raised while IT workers to get work in Western companies
- This brings a series of security threats for companies
A new report from the Google threat intelligence group warned about an expansion of the operations of the Democratic People’s Republic of Korea (North Korea).
The researchers affirm that an increasing number of Western companies accidentally hire IT workers from North Korea who collect funds for the regime.
These workers represent a serious security threat to organizations, which run the risk of data theft, interruption and espionage.
Extortion tactics
This is part of a much broader campaign of the RPDK that has seen the threat actors sponsored by the State that were infiltrated in dozens of Fortune 100 companies, resulting in revenues of up to $ 6.8 million in the RPDC.
This led to the United States Department of Justice to detain several US citizens who directed ‘portable farms’ that house US teams sent to new employees: facilitators installed remote access technology that allowed RPDC workers.
Google also located the facilitators both in the teams to share the US and in the United Kingdom, indicating a “complex logistics chain.”
An investigation into the infrastructure of the campaign revealed a “high interest in Europe”, and a global expansion of RPDC tactics and a greater volume of extortion attempts.
The threat intelligence group identified cases in which it recently dismissed IT workers “threatened to release the confidential data of their former employers or provide them with a competitor,” including patented data and the source code for internal projects.
To combat this phenomenon, Google informs that many companies are operating a policy of bringing their own device, but often lack traditional security and registration tools and make threat detection much more difficult, drastically increasing a risk in malicious activities not detected.
“The increase in extortion campaigns coincided with the greater actions of application of the United States Law against RPD IT workers, including interruptions and accusations. This suggests a potential link, where pressure on these workers may be promoting more aggressive measures to maintain their income flow.
