You are here

Insider Threat – KnowBe4 Didn’t ‘Know Before’ Emphasizes how it can Happen to Any Organization

Insider Threat – KnowBe4 Didn’t ‘Know Before’ Emphasizes how it can Happen to Any Organization

Created: Thursday, July 25, 2024 - 14:22
Categories:
Cybersecurity, Security Preparedness

On Tuesday, Florida-based security awareness training company KnowBe4 reported that a North Korean agent, posing as a software engineer, managed to bypass its hiring background checks and spent the initial 25 minutes of employment trying to install malware on a company computer.

In its blog post, KnowBe4 chief executive Stu Sjouwerman warned that the operative displayed “a high level of sophistication in creating a believable cover identity, exploiting weaknesses in the hiring and background check processes, and attempting to establish a foothold.” However, also in the post, KnowBe4 made clear to mention this was not a data breach: “No illegal access was gained, and no data was lost, compromised, or exfiltrated.” The KnowBe4 CEO stated that the employee was identified as an AI deepfake. They are one of hundreds of cases of North Korean state operatives impersonating IT professionals to gain access to numerous U.S. companies.

Main takeaway

The infiltration of a reputable security awareness training firm like KnowBe4 highlights the reality that this could happen to anyone. It's more prevalent than many realize and is particularly relevant for critical infrastructure organizations that are frequently targeted by nation-state actors.

Tips From KnowBe4

  • Scan your remote devices, to make sure no one remotes into those.
  • Better vetting, making sure that they are physically where they are supposed to be.
  • Get these people on video camera and ask them about the work they are doing.
  • References potentially not properly vetted. Do not rely on email references only.
  • Implement enhanced monitoring for any continued attempts to access systems.
  • Review and strengthen access controls and authentication processes.
  • Conduct security awareness training for employees, emphasizing social engineering tactics.

CISA also published a fact sheet today titled Resources for Onboarding and Employment Screening Fact Sheet, which provides actionable recommendations and resources for the vetting and employment screening of individuals, prior to their hiring into an organization. Members are encouraged to review the fact sheet as well as KnowBe4’s full blogpost for more details. For more information, visit SecurityWeek.