KnowBe4 Hires North Korean Hacker: A Cautionary Tale
US security vendor KnowBe4 recently disclosed that it unintentionally employed a North Korean hacker who attempted to infiltrate the company’s network with malware. The company’s CEO, Stu Sjouwerman, shared the incident in a blog post, emphasizing the importance of staying vigilant against such threats.
Discovering the Threat
KnowBe4 acted swiftly upon discovery of the attempted breach and confirmed that no unauthorized access or data loss occurred. The situation served as a valuable learning experience for the company and highlighted the need for robust cybersecurity measures.
The Hiring Process and Unforeseen Dangers
The company’s recruitment process, which involved thorough background checks and video interviews, failed to detect the hacker’s true identity. Using a stolen U.S. identity and an artificially enhanced photo, the hacker slipped through the screening process undetected.
Once the hacker was employed as a lead software engineer, the security software flagged the hacker’s suspicious activities, prompting an investigation by KnowBe4’s Security Operations Center (SOC). The subsequent findings suggested that the hacker may have deliberately loaded malware onto the company’s systems.
The Implications and FBI Investigation
Following the discovery, KnowBe4 collaborated with cybersecurity experts at Mandiant and the FBI to further investigate the incident. It was determined that the hacker was operating from North Korea, engaging in illicit activities to fund cyber schemes.
The ongoing FBI investigation has shed light on the complexities of dealing with insider threats and state actors in the cybersecurity landscape. KnowBe4 remains committed to enhancing its security protocols to prevent similar incidents in the future.
This story originally appeared in Technology Arts Festival.