At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    North Korea Expands Its Fraudulent IT Worker Operations

    North Korea’s fraudulent employment operations have expanded to hit countries around the world, with a particular focus on Europe, according to researchers at Google’s Threat Intelligence Group. 

    While the United States remains a key target, the expansion to other countries is likely driven by increased awareness and a recent crackdown by the US Justice Department.

    These scams involve North Korean nationals fraudulently obtaining remote positions at foreign companies in order to earn money for the DPRK government. 

    “In late 2024, one DPRK IT worker operated at least 12 personas across Europe and the United States,” the researchers explain. “The IT Worker actively sought employment with multiple organizations within Europe, particularly those within the defense industrial base and government sectors. This individual demonstrated a pattern of providing fabricated references, building a rapport with job recruiters, and using additional personas they controlled to vouch for their credibility.

    Separately, additional investigations uncovered other IT worker personas seeking employment in Germany and Portugal, alongside login credentials for user accounts of European job websites and human capital management platforms.”

    In addition to stealing a paycheck from their employers, these workers may also conduct espionage or extortion attacks.

    “Alongside global expansion, DPRK IT workers are also evolving their tactics,” Google says. “Based on data from multiple sources, GTIG assesses that since late October 2024, IT workers have increased the volume of extortion attempts and gone after larger organizations. In these incidents, recently fired IT workers threatened to release their former employers’ sensitive data or to provide it to a competitor. This data included proprietary data and source code for internal projects.”

    New-school security awareness training can give your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

    Google has the story.

    The Security Culture How-to Guide

    Improving the security culture of your organization can seem daunting. This how-to guide will walk you through how to build a step-by-step plan, helping you understand the fundamentals of security culture and what you can do to move the culture needle in your organization.

    Security-Culture-How-To-Guide

    You’ll learn:

    • The fundamental ABCs of culture change and how each builds off each other
    • A seven-step cycle for improving your security culture
    • Advice and best practices for making the most out of each step in the process

    Download this guide now!

    Get your manual here!https://info.knowbe4.com/ransomware-hostage-rescue-manual-partner?partnerid=001a000001lWEoJAAW

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:

    https://info.knowbe4.com/wp-security-culture-how-to-guide

    Sign Up to the TIO Intel Alerts!

    Back To Top