Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Security Threats. Show all posts

VPN Intrusions From North Korea Expose Businesses to New Security Threats

 


FBI and Department of Justice officials revealed that several U.S.-based companies with employees working in information technology have hidden the fact that millions of dollars of wages are being sent secretly to North Korea for the purposes of its missile programs for years. 

In an announcement on Wednesday, the Justice Department announced that North Korean IT workers were used to provide remote and in-office assistance to companies in St. Louis and other parts of the country under false identities, the department said. 

A news conference held by FBI officials in St. Louis revealed that most of the money earned by these individuals was funnelled into the North Korean weapons program. It is still unclear when such a campaign began, however, investigators are convinced that thousands of North Korean freelancers have succeeded in securing jobs in US companies by concealing their identities for at least the last 5 years, even if they have only succeeded for a short period. 

The workers are suspected of using this money to buy weapons for Kim Jong Un, steal company secrets, and plant malware on company computers and devices. Both the South Korean and US authorities have updated their recommendations to employers following the latest evidence of North Korean agents working as freelancers for a company, in an attempt to help them avoid hiring them.     

An investigation involving the seizure of $1.5 million, as well as 17 domain names, has recently been announced by federal authorities as part of the ongoing investigation. A special agent with the FBI's office in St. Louis, Jay Greenberg, said that any company that hires freelance IT workers has a greater chance of hiring someone to take part in the scheme since they hire many freelance workers. 

Neither the officials nor the companies that have unknowingly hired North Korean workers have named the companies. According to court documents, the government of North Korea has dispatched thousands of skilled IT workers to live mainly in China and Russia as a means of deceiving businesses all over the world into believing they would be eligible for remote employment under a freelancer contract. 

It is estimated that North Korea's weapons programs receive millions of dollars in wages every year from the IT workers. The Justice Department asserts that in some cases, the North Korean workers gained access to computer networks and stole information from the companies they worked for to achieve their goals. 

As part of a hacking and extortion scheme that they kept access to, the agency asserted that they also retained access to future hacks. To make it appear as if they were working in the United States, Greenberg said the workers utilized various methods, including paying American citizens to use their Wi-Fi connections at home to make it look as if they were there. 

Since the start of 2022, there have been over 100 missile tests carried out by North Korea and the United States has expanded its military exercises with its Asian allies, in response to these test-firings in tit-for-tat response. Tensions on the Korean Peninsula have increased as a result of North Korea's testing. 

A joint statement made by state media, the North Korean government, and the North Korean military has come to the conclusion that the leader of the country Kim Jong Un believes nuclear weapons should be produced at an exponential rate, as well as that North Korea should be an important component of a coalition of nations opposed to the United States in a "new Cold War."

North Korean hackers working for the government claimed in February that they stole record-breaking virtual assets worth between $630 million and over $1 billion last year which was estimated by United Nations experts to be worth between $630 million and over $1 billion. 

An expert panel from the University of Chicago reported that hackers were using increasingly sophisticated techniques to access digital networks that were involved with cyberfinance, and they used those tools to steal information that could have been useful to North Korea's nuclear and ballistic missile programs from government officials, individuals and companies to build up the nuclear and ballistic missile programs. 

According to the FBI, employers should conduct an online background check when recruiting new employees to see if the same identity is linked to multiple profiles, and they should also record all interactions with prospective employees as necessary. 

If employers are concerned about online security, then they should always require their freelancers to turn off their private VPN when they access company networks to protect their data. In addition, business owners are also advised to adopt a strict zero-trust cybersecurity policy, in which sensitive proprietary information should not be accessed by remote employees when possible. 

Aside from the fact that North Korean hackers are mostly targeting the technology industry because of high salaries, it is also important to remember that it is just one of the areas in which North Korean hackers operate – John Hultquist, director of threat intelligence at Cybersecurity firm Mandiant, told the Associated Press on Monday. 

This FBI investigation reveals a covert channel for funnelling millions to North Korean missile programs via unsuspecting U.S. companies employing information technology staff. This alarming discovery highlights the urgency of safeguarding against such international cyber threats due to freelancers who work under false identities, raising security concerns and requiring enhanced hiring practices.