- The FBI letter follows three previous in so many years
- The statement aims to educate companies and avoid national collaborators
- Suggested remedies include using final point protection in computer systems and verifying applications for “typographic errors and unusual nomenclature”
The FBI has affirmed that North Korea’s workers are extorting US companies who have hired them by taking advantage of their access to the source code of stealing.
In a statement, the agency warned employees of national and international companies turned into threat actors, “facilitate cyber activities and carry out income -generating activities” using stolen data “on behalf of the regime.”
He recommended the protection of the end point and monitoring network records to identify where data has been committed in “easy access means” as shared internal units and cloud storage units.
FBI guide on remote hiring processes
The FBI also recommended a litany of actions that are equivalent to knowing who is hiring, which sounds like a good practice, even if it is not especially concerned with involuntarily hiring a threat actor.
He recommended strict identity verification processes throughout the recruitment process and the details of cross verification applicants against those of others in the pile and in different human resources systems.
He also said that these applicants are using AI tools to obfuscate their identities, but, if it is true, they offered few advice to counteract them beyond carrying out recruitment processes in person; That is not always possible.
The agency also suggested that the recruiters make the applicants “soft questions” about their whereabouts and identity, but we suggest that this is a good practice in general.
IT workers from North Korea have been a target of the FBI for some time, since they have published a separate guide in 2022, 2023 and 2024. In the latter, he expressed concern that people based in the United States were , knowingly or without knowing, helping to facilitate the state actors of threats by establishing infrastructure based in the United States, such as frontal directions and companies.
