KnowBe4 recently released publicly information about how a North Korean “fake employee” was accidentally hired and detected. The fake employee was detected very quickly after they started to access the laptop that was sent to them in unusual ways. Their restricted (or limited)- onboarding access was shut down within 25 minutes of the first security alert. No illegal access was gained, and no data was lost, compromised, or exfiltrated on any KnowBe4 systems.
“There are common signs of this fake employee hiring scheme both during and after the hiring process,” said Stu Sjouwerman, CEO, KnowBe4. “Every organization should educate all employees involved in the hiring process about the risks and consider various mitigation tactics such as updating the organization’s hiring process to include asking the candidate to submit fingerprints for identity verification purposes, threat model the organization’s hiring process, and more. We were inspired to share our experience with this unfortunate situation to bring awareness to how pervasive this situation is and to use it as a warning to help protect other organizations from falling victim.”
This new whitepaper details what the North Korean fake employee industry is like, shares many of the signs to look for , and discusses many ways organizations can update their hiring policies to prevent hiring fake employees. To download the North Korean Fake Employees Are Everywhere! How To Protect Your Organization white paper, visit here. For more information on KnowBe4, visit www.knowbe4.com.
About KnowBe4
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 70,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. The late Kevin Mitnick, who was an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Organizations rely on KnowBe4 to mobilize their end users as their last line of defense and trust the KnowBe4 platform to strengthen their security culture and reduce human risk.