Identity Verification could have stopped this North Korean hacker from being hired by the US security awareness company, KnowBe4.

The cybersecurity training company KnowBe4 decided to use a recent hacking attempt against them, as a security awareness campaign to demonstrate how bold hackers are. The specific incident involved a North Korean state-sponsored hacker successfully impersonating as a software engineer and being hired by KnowBe4. This bad actor used a combination of a stolen US identity and an AI generated profile picture, that resulted in him gaining employment and being provided with a corporate device, which he immediately attempted to deploy malware on.

The good news is that KnowBe4’s Endpoint Detection and Response tool identified this suspicious activity, prompting the company’s incident response team to investigate.

This ultimately resulted in stopping this hacking attempt.

After going through this experience KnowBe4 offered several recommendations to help prevent infiltration from fraudsters posing as fake employees.

Enhanced vetting: Ensure vetting is enhanced to identify inconsistencies in employee details and career credentials.

Identify anomalies: Identify if the employee’s shipping address for corporate devices is different from their provided home address.

Investigate activity: Conduct a video call with the employee to ask about the nature of their work.

Monitor access: Implement rigorous monitoring of remote access solutions and other anomalous behaviors such as the use of Voice over Internet Protocol (VOIP) numbers and VPNs.

Update user awareness: Update your organization’s user awareness training to educate employees on this type of social engineering.

Conclusion:

This incident underscores the paramount importance of implementing robust cybersecurity measures, through vetting processes, and vigilant monitoring to mitigate risks from insider threats and advanced persistent threats.

At Treefort, our identity verification technology is designed to prevent identity fraud attempts like the one KnowBE4 encountered. While tailored for legal professionals, our technology is also effective for employee identity verification. At Treefort, we conduct both background checks and ID verifications as part of our hiring process, a practice increasingly adopted by our clients.

KnowBE4’s public disclosure of this hacking incident serves as a reminder that any business could be vulnerable. Using identity verification technology during the hiring process is essential. Today’s hackers can create deepfake synthetic IDs, generative AI photos, and deepfake audio and video. At Treefort, we are committed to offering the most robust and comprehensive solution to these challenges.

Kim Krushell, Co-Founder

Resource: https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us