Company hacked after hiring cybercriminal

A company, which has chosen to remain anonymous, based in the UK, US, or Australia, was the victim of a cyberattack after inadvertently engaging the services of a North Korean cybercriminal as a remote IT worker. Once the hacker had gained access to the computer network of the anonymous company, he proceeded to download a substantial quantity of sensitive data and asked later for a ransom, as reported by the BBC. The cybercriminal demanded the payment of a sum in cryptocurrency, indicating that the stolen information would be published or sold online if the demand was not met. It is still unclear whether the company in question made the payment demanded by the perpetrators. Analysts believe the data may have been rerouted to North Korea using a sophisticated process designed to evade the sanctions imposed on the country by Western nations. A 2024 Securonix survey revealed a notable increase in concern about the potential for malicious insider activity within organisations. In this context, 90% of companies consider internal attacks to be “equally or more difficult to detect than external attacks”. In the meantime, the authorities warn employers to beware of new hires involving remote work.