The U.S. government yesterday warned that North Korea is deploying its IT workers to freelance jobs at companies worldwide as this will enable them to have full access to facilitate cyber intrusions.
Due to the enforcement of freelance jobs by the government for IT skilled workers in North Korea, these workers target freelance jobs in an organization in famous nations
Assisting North Korea in Hacking Operations
It is recommended by the U.S. Department of State, the U.S. Department of the Treasury, and the Federal Bureau of Investigation (FBI) to have red-flag indicators that can signal against fortuitous DPRK workers in their companies.
This has been often discovered with the means of freelance workers in providing solutions to an organization giving them access to the company’s infrastructure which can cause great damage.
North Korea doesn’t get involved in cyber intrusion, they have used the privileged access gained as contractors to enable the DPRK’s malicious cyber intrusions. They are cognisant of North Korea’s hacking operations, giving them access to infrastructure and enabling, money laundering
Countries such as China, Russia, Africa, and Southeast Asia have their DPRK’s dispatched wage earners assisting North Korean hackers in stealing data, thus perpetual scenarios have occurred in the past and present times.
To get into the desired position, North Korea’s IT workers often pretend to be teleworkers located in the U.S. or other non-sanctioned countries. They also pretend to be South Korean, Chinese, Japanese, or Eastern European teleworkers.
North Korean IT workers are liaising with companies that involve mobile apps, artificial intelligence, virtual and augmented reality, database development and management, facial and biometric recognition as a means to breach the company’s data and also get privileged access to deploy their malicious act.
To reduce this act, it was stated to companies not to give IT workers an administrative privilege to their infrastructure and to use the virtual private network(VPN) or IP addresses from other locations.
