A story about how a former CIA operative turned away a North Korean who applied for a job
The FBI
We found North Korean engineers in our application pile. Here's what our ex-CIA co founders did about it.
https://www.cinder.co/blog-posts/north-korean-engineers-in-our-application-pile
Cinder, which provides a platform for clients to combat terrorist organizations and nation-state disinformation campaigns, was co-founded by Glenn Wise and Philip Brennan, who both worked on North Korea-related cybersecurity and human rights issues for more than a decade as CIA operatives.
That allowed them to spot something suspicious about people applying for jobs at Cinder 15 months before the FBI warned about North Korean workers.
Specifically, there are seven suspicious points:
The job site profiles were recently created and either had no photo, or the profile image was obscured by sunglasses or goggles, was too far away to see clearly, or was generated using AI.
-Fictitious work history, including non-existent office locations.
- There is no trace of any activity on the internet other than the job site, such as on GitHub or social media.
- When you have an online interview, you can hear a lot of noise, as if there are many other people being interviewed in the same room.
- He is unable to answer basic questions about where he has worked or his background, such as 'What department did you belong to at your previous job at Uber?' or 'What is the nearest train station to your workplace in Paris?'
- Can only respond according to a script and insists on working remotely.
- Their English ability does not match the content of their resume or profile, for example, they may have earned a bachelor's degree from an American university but cannot speak English at an interview level.
Another notable characteristic was that the messages they sent when applying for jobs were vague.
However strange it may be, this was before the issue of North Korean remote workers came to light. Therefore, even though the founders of Cinder knew that North Korea could send workers overseas, they never expected that a North Korean would openly apply for a full-time position at an American company.
Because the cybersecurity industry relies on trust and security, Cinder immediately shared information with other security companies to identify patterns of North Koreans trying to impersonate Americans. As a result, it was discovered that 80% of applicants on several job sites were North Korean.
Initially, the process for identifying North Koreans was not sophisticated, so applicants could not be weeded out through document screening, and there were cases where they only realized they were North Korean after a Zoom interview. Interviewers who conducted such interviews often noticed that applicants adamantly refused to travel or go on business trips abroad.
So Cinder told job seekers, 'Cinder's clients include organizations investigating national espionage and insider crime. This comes as no surprise, as the company's co-founders are from US intelligence agencies, including the CIA.'
One job seeker, who appeared to be from North Korea, immediately walked out of the Zoom call after hearing this and never contacted him again.
Cinder called on companies concerned about the issue to 'continue to receive dozens of applicants suspected to be of North Korean origin, and are taking steps to share relevant information with the security teams of partner networks and job sites. If your company is also affected by this growing threat, please contact us and we'll be happy to provide further tips and preventative measures.'
Related Posts:
in Security, Posted by log1l_ks