Friday, October 11, 2024

Cybersecurity: The Office for the Protection of the Constitution warns companies about IT workers from North Korea

The Federal Office for Protection of the Constitution warns German companies about IT providers from North Korea who offer themselves as freelancers on online platforms. According to the office, they conceal their true origins and use stolen identities to receive orders.

Anyone who hires such disguised IT specialists exposes themselves to considerable risks, the Office for the Protection of the Constitution further warned. This included risks to the client’s image – but also damage such as theft of intellectual property or internal company data. The companies could also unintentionally participate in imposing sanctions against North Korea to hurt.

The US specialist portal The Daily Beast already had about a year ago reported such activities by North Korean IT workers. The US Federal Police FBI also uncovered the activities. They therefore served to circumvent sanctions and earn money for North Korean government agencies involved in research and development of ballistic missiles. To do this, North Korean agents concealed their identities.



Is that a bubble? – The podcast for everyone who wants to understand economics
:
How do you fight cybercrime?

The Office for the Protection of the Constitution advises personal job interviews

“Companies that hire North Korean IT workers help the regime obtain foreign currency and thus indirectly contribute to financing its nuclear weapons and missile program,” the Office for the Protection of the Constitution said. The North Koreans often pose as freelancers from South Korea, Japan or Eastern European countries.

The Office for the Protection of the Constitution called on human resources managers at German companies to only conduct job interviews in person or via video call. In this way, they could check the identity of the providers and determine whether there are any discrepancies. “In the video call, pay attention to eye movements or long pauses in speech that indicate reading of the answers,” the agency wrote.

In addition, free orders should not be paid exclusively in cryptocurrencies. Payments with cryptocurrencies are typical for cybercriminals. There are also often discrepancies in applicants’ CVs. According to the security notice, HR managers should try to check the references provided therein independently of the information provided by the applicants.

Source link

Latest Article