British companies are being advised to conduct job interviews via video or in-person to avoid the risk of inadvertently hiring North Korean employees.
The caution comes after analysts noted that the UK has become a prime target for misinformed IT workers recruited by North Korea. These individuals are typically hired to work remotely, evade detection, and funnel earnings back to Kim Jong-un’s regime.
In a recent report, Google revealed an incident from last year involving a lone North Korean operative, with at least 12 aliases operating across Europe and the US. These IT workers were seeking positions in defense and government sectors. The new tactic involves fake IT professionals threatening to leak sensitive company data post-termination.
John Hultquist, chief analyst at Google’s Threat Intelligence Group, highlighted North Korea’s shift towards Europe, particularly targeting the UK.
He explained, “North Korea is feeling the heat in the US and has shifted its focus to the UK to expand its IT worker tactics. The UK offers a broad spectrum of businesses in Europe.”
Fraudulent IT worker schemes typically involve individuals with a physical presence in countries aided by “facilitators” or agents of North Korea.
These facilitators play crucial roles like providing fake passports and maintaining local addresses. Laptops used by these individuals often connect to servers in Pyongyang, not their current location. However, they seek jobs that offer unique devices for easier monitoring.
“Ultimately, having a physical presence in the UK is key to their expansion strategy across various sectors in the country,” mentioned Hultquist.
Hultquist suggested that conducting job interviews in-person or via video could disrupt North Korea’s tactics.
Sarah Kern, a North Korean specialist at cybersecurity firm SecureWorks, emphasized that the threat is more widespread than perceived by companies.
She recommended thorough candidate screening and HR education on deception tactics. Companies should prioritize in-person or video interviews to verify the legitimacy of potential employees.
“In the US, conducting in-person or video interviews to verify candidates’ background details is effective in ensuring you’re engaging with truthful candidates,” she added.
Kern noted that IT workers may propose unconventional methods like frequent address changes or the use of money exchange services over traditional bank accounts.
Bogus IT experts are infiltrating Europe through online platforms like Upwork, Freelancer, and Telegram. Upwork stated that attempts to use false identities go against their terms of service, and they take strict action to remove such individuals.
As pointed out by Kern, North Korean IT workers often try to avoid video interviews, likely due to their working conditions in cramped spaces resembling call centers.
Source: www.theguardian.com