AT&T Managed Threat Detection and Response – Infrastructure Drawing Introducing the AT&T Managed Threat Detection and Response network architecture drawing, meticulously crafted in 2021 Learn More »
DeKalb County School District Please register with our website for a Basic, Advanced, or Recruiter Learn More » Zscaler SASE Example Secure Access Service Edge Zscaler Interview Company Summary of Challenges This is an example Wide Learn More » WellStreet Urgent Care Please register with our website for a Basic, Advanced, or Recruiter Learn More » Tulane University As a Sales Engineer, a particular aspect of the job has no defined description. You Learn More » Jimbob’s Towing and Wrecker Service This is a fictitious network design and proposal for a fictitious towing company by a Learn More » Cybersecurity TechSegment Please register with our website for a Basic, Advanced, or Recruiter Learn More » Sys Logic Technology Services, LLC. Marketing Collateral Sys Logic Technology Services, LLC Marketing Collateral 2024 Learn More » Nueces County, TX SASE Please register with our website for a Basic, Advanced, or Recruiter Learn More » Seminole State College Please register with our website for a Basic, Advanced, or Recruiter Learn More » AT&T Marketing Collateral (Public Sector) Marketing Collateral AT&T Cybersecurity Public Sector Customer Summary of Challenges During my time at AT&T Learn More » AT&T Sales Enablement Training Please register with our website for a Basic, Advanced, or Recruiter Learn More » IBM Security QRadar SOAR – A Day In The Life. During my time at IBM Security, I had the privilege of working on what we Learn More » Industrial Control Use Case I designed this solution based on specs from AT&T USM Anywhere being used as the Learn More » ObserveIT Integration Use Case To integrate with a third-party application that will provide deep granular information into user activity Learn More » IBM Security – Cost of Data Breach Report 2023 (Enablement) The IBM Security Market Insights team is renowned for its comprehensive reports, offering profound insights Learn More »
Zscaler SASE Example Secure Access Service Edge Zscaler Interview Company Summary of Challenges This is an example Wide Learn More »
WellStreet Urgent Care Please register with our website for a Basic, Advanced, or Recruiter Learn More » Tulane University As a Sales Engineer, a particular aspect of the job has no defined description. You Learn More » Jimbob’s Towing and Wrecker Service This is a fictitious network design and proposal for a fictitious towing company by a Learn More » Cybersecurity TechSegment Please register with our website for a Basic, Advanced, or Recruiter Learn More » Sys Logic Technology Services, LLC. Marketing Collateral Sys Logic Technology Services, LLC Marketing Collateral 2024 Learn More » Nueces County, TX SASE Please register with our website for a Basic, Advanced, or Recruiter Learn More » Seminole State College Please register with our website for a Basic, Advanced, or Recruiter Learn More » AT&T Marketing Collateral (Public Sector) Marketing Collateral AT&T Cybersecurity Public Sector Customer Summary of Challenges During my time at AT&T Learn More » AT&T Sales Enablement Training Please register with our website for a Basic, Advanced, or Recruiter Learn More » IBM Security QRadar SOAR – A Day In The Life. During my time at IBM Security, I had the privilege of working on what we Learn More » Industrial Control Use Case I designed this solution based on specs from AT&T USM Anywhere being used as the Learn More » ObserveIT Integration Use Case To integrate with a third-party application that will provide deep granular information into user activity Learn More » IBM Security – Cost of Data Breach Report 2023 (Enablement) The IBM Security Market Insights team is renowned for its comprehensive reports, offering profound insights Learn More »
Tulane University As a Sales Engineer, a particular aspect of the job has no defined description. You Learn More »
Jimbob’s Towing and Wrecker Service This is a fictitious network design and proposal for a fictitious towing company by a Learn More »
Cybersecurity TechSegment Please register with our website for a Basic, Advanced, or Recruiter Learn More » Sys Logic Technology Services, LLC. Marketing Collateral Sys Logic Technology Services, LLC Marketing Collateral 2024 Learn More » Nueces County, TX SASE Please register with our website for a Basic, Advanced, or Recruiter Learn More » Seminole State College Please register with our website for a Basic, Advanced, or Recruiter Learn More » AT&T Marketing Collateral (Public Sector) Marketing Collateral AT&T Cybersecurity Public Sector Customer Summary of Challenges During my time at AT&T Learn More » AT&T Sales Enablement Training Please register with our website for a Basic, Advanced, or Recruiter Learn More » IBM Security QRadar SOAR – A Day In The Life. During my time at IBM Security, I had the privilege of working on what we Learn More » Industrial Control Use Case I designed this solution based on specs from AT&T USM Anywhere being used as the Learn More » ObserveIT Integration Use Case To integrate with a third-party application that will provide deep granular information into user activity Learn More » IBM Security – Cost of Data Breach Report 2023 (Enablement) The IBM Security Market Insights team is renowned for its comprehensive reports, offering profound insights Learn More »
Sys Logic Technology Services, LLC. Marketing Collateral Sys Logic Technology Services, LLC Marketing Collateral 2024 Learn More »
Nueces County, TX SASE Please register with our website for a Basic, Advanced, or Recruiter Learn More » Seminole State College Please register with our website for a Basic, Advanced, or Recruiter Learn More » AT&T Marketing Collateral (Public Sector) Marketing Collateral AT&T Cybersecurity Public Sector Customer Summary of Challenges During my time at AT&T Learn More » AT&T Sales Enablement Training Please register with our website for a Basic, Advanced, or Recruiter Learn More » IBM Security QRadar SOAR – A Day In The Life. During my time at IBM Security, I had the privilege of working on what we Learn More » Industrial Control Use Case I designed this solution based on specs from AT&T USM Anywhere being used as the Learn More » ObserveIT Integration Use Case To integrate with a third-party application that will provide deep granular information into user activity Learn More » IBM Security – Cost of Data Breach Report 2023 (Enablement) The IBM Security Market Insights team is renowned for its comprehensive reports, offering profound insights Learn More »
Seminole State College Please register with our website for a Basic, Advanced, or Recruiter Learn More » AT&T Marketing Collateral (Public Sector) Marketing Collateral AT&T Cybersecurity Public Sector Customer Summary of Challenges During my time at AT&T Learn More » AT&T Sales Enablement Training Please register with our website for a Basic, Advanced, or Recruiter Learn More » IBM Security QRadar SOAR – A Day In The Life. During my time at IBM Security, I had the privilege of working on what we Learn More » Industrial Control Use Case I designed this solution based on specs from AT&T USM Anywhere being used as the Learn More » ObserveIT Integration Use Case To integrate with a third-party application that will provide deep granular information into user activity Learn More » IBM Security – Cost of Data Breach Report 2023 (Enablement) The IBM Security Market Insights team is renowned for its comprehensive reports, offering profound insights Learn More »
AT&T Marketing Collateral (Public Sector) Marketing Collateral AT&T Cybersecurity Public Sector Customer Summary of Challenges During my time at AT&T Learn More »
AT&T Sales Enablement Training Please register with our website for a Basic, Advanced, or Recruiter Learn More » IBM Security QRadar SOAR – A Day In The Life. During my time at IBM Security, I had the privilege of working on what we Learn More » Industrial Control Use Case I designed this solution based on specs from AT&T USM Anywhere being used as the Learn More » ObserveIT Integration Use Case To integrate with a third-party application that will provide deep granular information into user activity Learn More » IBM Security – Cost of Data Breach Report 2023 (Enablement) The IBM Security Market Insights team is renowned for its comprehensive reports, offering profound insights Learn More »
IBM Security QRadar SOAR – A Day In The Life. During my time at IBM Security, I had the privilege of working on what we Learn More »
Industrial Control Use Case I designed this solution based on specs from AT&T USM Anywhere being used as the Learn More »
ObserveIT Integration Use Case To integrate with a third-party application that will provide deep granular information into user activity Learn More »
IBM Security – Cost of Data Breach Report 2023 (Enablement) The IBM Security Market Insights team is renowned for its comprehensive reports, offering profound insights Learn More »
Cybersecurity User Awareness Training Course Overview: This training program is designed to empower employees with the knowledge and skills Read More »
Networking and Cybersecurity Advanced Learning Series Unlock the future of digital defense and network architecture with our Networking and Cybersecurity Advanced Read More »
Cybersecurity Basics Learning Series Please register with our website for a Basic, Advanced, or Recruiter Read More » Networking Basics Learning Series Please register with our website for a Basic, Advanced, or Recruiter Read More »
Networking Basics Learning Series Please register with our website for a Basic, Advanced, or Recruiter Read More »
Leading U.S. Cybersecurity Awareness Company Unknowingly Hires Remote North Korean Hacker tonydegonia July 25, 2024 2:24 pm Elizabeth Montalbano, Contributing Writer | July 25, 2024A software engineer hired for an internal IT AI team immediately became an insider threat by loading malware onto his workstation.A security firm recently hired a software engineer for its internal AI team that turned out to be a North Korean threat actor, who immediately began loading malware to his company-issued workstation.KnowBe4, which provides security awareness and training, conducted standard pre-hiring background checks for the employee and four separate video-conference interviews with him before his hiring, Stu Sjouwerman, KnowBe4’s founder, shared in a blog post about the situation. The company also verified that the person interviewed was the same one in the photo sent in with a resume.The checks came back clean and the candidate for the position (“principal software engineer”) appeared credible and qualified, though later the company realized he was using a stolen identity and his photo was AI-enhanced.Once the verification and hiring process was complete, KnowBe4 sent the new employee, who is referred to in KnowBe4’s post as “XXXX,” his Mac workstation, “and the moment it was received, it immediately started to load malware,” Sjouwerman wrote.“On July 15, 2024, a series of suspicious activities were detected on the user beginning at 9:55pm EST,”he detailed. “When these alerts came in, KnowBe4’s security operations center (SOC) team reached out to the user to inquire about the anomalous activity and possible cause. XXXX responded to the SOC that he was following steps on his router guide to troubleshoot a speed issue and that it may have caused a compromise.”What the employee was really doing, however, was performing various actions to manipulate session history files, transferring potentially harmful files, and executing unauthorized software using a Raspberry Pi. KnowBe4’s SOC attempted to get him on a call to investigate further, but he said he was unavailable and “later became unresponsive.” By 10:20am, the SOC had quarantined XXXX’s device.KnowBe4 shared the data it collected about the employee and his activities with cybersecurity firm Mandiant and the FBI, to corroborate the company’s initial findings. The company eventually discovered that XXXX was a fake IT worker from North Korea, and an FBI investigation is still ongoing.“It Can Happen to Anyone”Sjouwerman stressed to customers that no data breach occurred due to the activity, as security tooling blocked the malware before it was executed. His aim in sharing what happened at his company is to provide “an organizational learning moment,” he said.“Do we have egg on our face? Yes,” he wrote. “And I am sharing that lesson with you.”KnowBe4 grants new employees’ accounts only limited permissions for proceeding through the new hire onboarding process and training, with access to only necessary apps such an an email inbox, Slack, and Zoom. This means that XXXX never had access to any customer data, KnowBe4’s private networks, cloud infrastructure, code, or any KnowBe4 confidential information, Sjouwerman said.“No illegal access was gained, and no data was lost, compromised, or exfiltrated on any KnowBe4 systems,” Sjouwerman wrote. However, “if it can happen to us, it can happen to almost anyone,” he added.Indeed, North Korean threat actors are notorious for engaging in successful cybercriminal activities by posing as credible IT workers. Last October, the Department of Justice warned that the freelance IT market was being flooded by operatives working on behalf of the North Korean government, urging caution to companies when hiring new workers. The department found that these workers are quietly directing their earnings to the government’s sanctions-ridden nation’s nuclear weapons program.“Most of these individuals who attempt to obtain employment are not physically located in the US,” Sjouwerman explained. “In order for them to conduct work, they require a US location for the equipment to be sent. There are small networks set up at drop locations where a US-based individual will turn on the received computers and configure them to be accessed remotely. The remote worker will then connect into the laptop farm network, and from there remote into the received device. This will cause security and access logs for that person to show up as being US-based and coming from the correct device.”How Not to Hire a North Korean HackerKnowBe4 has made “several process changes” to hiring to help ensure any potential bad actor will be detected earlier, according to the post. In the US, for example, the company now will only ship new employee workstations to a nearby UPS shop and require a picture ID to obtain it.Other process improvements that organizations can make are to ensure all background and reference checks are verified for inconsistencies and properly vetted; review and strengthen access controls and authentication processes; and conduct security awareness training for employees to stress social-engineering tactics used by threat actors.The company also made recommendations so other organizations can avoid a similar scenario, including scanning remote devices for any suspicious access or activity; improving vetting and resume scanning for inconsistencies; and checking for red flags, like a laptop shipping address that’s different from where the person is supposed to live and work.Other red flags to look out for in potential employees include the use of VoIP numbers and/or lack of digital footprint for provided contact information, and any discrepancies in addresses, personal information, or date of birth across different sources. A remote employee’s sophisticated use of VPNs or virtual machines should raise an alarm.Resource Article:https://www.darkreading.com/vulnerabilities-threats/security-firm-hires-north-korean-hacker-knowbe4 PrevPreviousBeing unemployed does not equate to being unqualified NextSuicide rates in the US are on the rise: New study offers surprising reasons whyNext