- North Korea agents use artificial intelligence to use for remote technological tasks
- Simple questions about Kim Jong Un immediately derailed the interviews
- Laptop farms and deep cabinets help agents bypass remote employment of defense
At the recent RSA conference in San Francisco, security experts aroused an alarm in reference to the growing and increasingly sophisticated campaign by North Korea employees to infiltrate global corporations through distant job applications.
Speaking on the panel, Adam Meyers, senior vp of Crowdstrike’s Counter Verversary Division, said that hundreds of North Korea employees managed to secure a task in corporations from the Fortune 500 list.
According to Meyers, these infiltrators use tools equivalent to generative artificial intelligence to create refined profiles and work applications, as during technical interviews, many colleagues work behind the scenes to finish the challenges of coding, while a single individual supports video connections, sometimes a bit.
An unexpected query
“One of the things we noticed is that you will have a person in Poland who is applying with a very complicated name,” explained Meyers. “And then, when you get them on the zoom, he calls the fact that the male Asian military era cannot pronounce it.”
Meyers shared his favorite method of revealing such candidates: asking questions outside the script. “How fat is Kim Jong Un? They will finish the connection immediately, because it is not worth saying something negative,” he said.
After entering the corporate, infiltrators often lead, because of team efforts behind one identity.
Elizabeth Pelker, a special agent of the FBI, said that success could force employers to remove suspicious agents. “I think I understand” Oh, but Johnny is our best performer. Do we actually need to decelerate? “
The goals of these infiltrators from North Korea are double: collecting wages and gradually excluding intellectual property, often in small amounts to avoid detection.
Pelker recommended coding interviews in the corporate environment to observe behavioral red flags. If they are detected and released, these employees may continue to store certificates or leave the dormant malware for later attempts to extort.
The operation has evolved further. Meyers described how laptops in the United States allow remote employees to fake local IPS. In one case, the FBI spread the farm in Nashville. Meanwhile, false identity programs have appeared in Ukraine, and citizens unknowingly support efforts in North Korea.
Pelker warned that Deepfake technology is also used to deceive employment teams. Education and vigilance, she said, remain the best defense. As one panelist put it, organizations should be careful about employing fully remote employees and to consider personal meetings.
