NK using a shotgun approach to get spies hired as IT workers

  • Thread starter Thread starter altmin
  • Start date Start date
  • Replies: 1
  • Views: 57
  • Politics 

altmin

Iconic Member
ZZL Supporter
Messages
2,491
On paper, the first candidate looked perfect. Thomas was from rural Tennessee and had studied computer science at the University of Missouri. His résumé said he’d been a professional programmer for eight years, and he’d breezed through a preliminary coding test. All of this was excellent news for Thomas’ prospective boss, Simon Wijckmans, founder of the web security startup C.Side. The 27-year-old Belgian was based in London but was looking for ambitious, fully remote coders.

Thomas had an Anglo-Saxon surname, so Wijckmans was surprised when he clicked into his Google Meet and found himself speaking with a heavily accented young man of Asian origin. Thomas had set a generic image of an office as his background. His internet connection was laggy— odd for a professional coder—and his end of the call was noisy. To Wijckmans, Thomas sounded like he was sitting in a large, crowded space, maybe a dorm or a call center.



Wijckmans fired off his interview questions, and Thomas’ responses were solid enough. But Wijckmans noticed that Thomas seemed most interested in asking about his salary. He didn’t come across as curious about the actual work or about how the company operated or even about benefits like startup stock or health coverage. Odd, thought Wijckmans. The conversation came to a close, and he got ready for the next interview in his queue.




Wijckmans didn’t know it yet, but he’d stumbled onto the edges of an audacious, global cybercrime operation. He’d unwittingly made contact with an army of seemingly unassuming IT workers, deployed to work remotely for American and European companies under false identities, all to bankroll the government of North Korea.
 

There are allegedly thousands of North Koreans who have successfully disguised themselves as Americans and landed remote work jobs at Fortune 500 businesses and crypto firms. And while their techniques for getting in are sophisticated, catching them apparently just requires asking one kinda crude question: “How fat is Kim Jong Un?”


According to Adam Meyers, the Senior Vice President of Counter Adversary Operations at cybersecurity firm CrowdStrike, asking that question during the interview process stops the North Korean workers in their tracks. While speaking at the RSA Conference earlier this week, Meyers explained that asking a question like that will cause the prospective worker to abort. “They terminate the call instantly, because it’s not worth it to say something negative about that,” he said, according to a report from The Register.

Meyers said there are other giveaways, too, if you know what to look for. “One of the things that we’ve noted is that you’ll have a person in Poland applying with a very complicated name, and then when you get them on Zoom calls, it’s a military age male Asian who can’t pronounce it,” he said.
 
Back
Top