North Koreans are increasingly infiltrating US companies through remote work, with incidents rising more than 220% in the last year, according to cybersecurity vendor CrowdStrike.
CrowdStrike’s annual threat hunting report says North Korean IT workers infiltrated “over 320 companies in the last 12 months.” It warns that North Koreans are using generative AI to help dupe companies into hiring them and “sustain” the rapid pace of successful infiltration.
The report echoes earlier findings from CrowdStrike and the FBI. In April, a CrowdStrike executive said the company was uncovering North Korean IT worker schemes almost daily.
In June, US investigators also warned about North Koreans obtaining remote IT jobs at over 100 US companies, sometimes with the help of people living in the US. This includes one Arizona woman who’s been jailed for helping the North Koreans access and remotely use the corporate-issued laptops from within the US.
(Credit: CrowdStrike)
CrowdStrike adds that generative AI tools have made it easy for North Koreans to fake profile images and write authentic-looking resumes and cover letters to apply for remote IT jobs. The same AI tools can also be used during video calls to deepfake the North Korean’s identity, changing their face in real-time.
“Using a real-time deepfake plausibly allows a single operator to interview for the same position multiple times using different synthetic personas, enhancing the odds that the operator will get hired,” CrowdStrike wrote in the report.
Those generative AI programs also excel at English-language translation and computer coding. It’s why CrowdStrike has detected the North Koreans tapping large language models to help them pass coding tests and during daily correspondence with employers.
Recommended by Our Editors
Hiring North Korean workers can expose companies to serious risks. In past cases, they’ve stolen sensitive data in attempts to extort their employers for more money. Affected companies are also effectively helping the North Korean government by distributing funds to the regime, which is currently facing strict sanctions.
In response, CrowdStrike has been urging companies to scrutinize their remote hires closely. This includes implementing “real-time deepfake challenges” during video call interviews. For example, a deepfake can collapse if a hand passes over the video caller’s face.
How to Use Google’s Veo 3 AI Video Generator
Get Our Best Stories!
Stay Safe With the Latest Security News and Updates
By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
About Michael Kan
Senior Reporter
