It’s been recently reported that North Koreans are getting quite successful at passing IT interviews for remote roles in fluent English and then immediately installing malware.

In our remote-first, AI-enabled world, this is producing all kinds of creative and strange behavior, some of which I’ve seen first-hand as a CISO.

Protecting yourself is simple:

• Get multiple forms of ID.
• Verify those IDs against an official source.
• Make sure the human matches the ID.
• Enroll multiple factors (MFA) from the validated IDs.

For more details, check out NIST 800-53A, or get in touch

https://medium.com/@gdbelvin/how-to-not-hire-a-north-korean-spy-5349dc21eca3