Inkit logo
Products
DocGen

Create documents in total privacy

paper icon
Records Management

Set records management policies

folder icon
Workflows

Automate workflow processes

flows icon
Digital Signature

Elevate the security of your digital signatures

signature icon
Solutions
By Industry
Financial Services

Generate, store, and share your financial documents

money icon
Government

Zero Trust security for your government agency

Government icon
Healthcare

Store and share your patient data securely

health icon
Utilities

Document generation and file-sharing solutions

lightning bolt icon
Customers
Developers
Documentation
Guides
WelcomeFeaturesSigning UpQuickstart
SalesforceCreating TemplatesGenerating DocumentsUsing the API
API Reference
integrations icon
API Change Log
bars icon
API Status
computer icon
Libraries & SDKs
squares icon
Resources
Insights

Get in the know with articles about Inkit

panels icon
Press

Get the latest new about Inkit

book icon
Encryption

Protect your information with end-to-end encryption

encryption icon
Salesforce

Learn how Inkit integrates with your Salesforce account

salesforce small logo
Contact Us
Inkit logoBook a Demo
hamburger icon
Home
Products
DocGenRecords ManagementWorkflowsDigital Signature
Solutions
Financial ServicesGovernmentHealthcareUtilities
Documents
Guides & DocumentationAPIs ReferenceAPI StatusAPI Change LogLibraries & SDKs
Resources
InsightsPressEncryptionSalesforce
Contact Us
Insights Home
October 31, 2024
October Insights: Have you hired a North Korean hacker?
Industry Deep Dives
Information Security
DocGen
github iconlinkedin iconfacebook iconX icon
TABLE OF CONTENTS
1
BBC: Company Accidentally Hires a North Korean Hacker
2
AI’s Role in the Deception
3
Forbes: NSA Says to Reboot Your Device Now
4
Politico: Judge Orders the CDC to Stop Deleting Emails of Departing Staff
5
Forbes: Internet Archive Breached for the Third Time
6
Forbes: Federal Employees, Update Your PC or Stop Using It.
7
8
9
FAQs
Final Takeaway
SHARE THIS ARTICLE
github iconlinkedin iconfacebook iconX icon
Loading the Elevenlabs Text to Speech AudioNative Player...

Remote work enables global collaboration, but it’s not without risk. North Korean hackers have been using AI to commit fraud, gain employment with companies, steal valuable information, and then immediately ransom it for top dollar. Dozens of Fortune 100 companies have been affected by this elaborate scam.

In other news, the CDC’s retention policies are under fire as they’ve been found to delete emails of former employees in a non-compliant manner.

Document security and record retention are big themes this month, so without further ado, here’s a brief roundup of the stories I’m following this month.

BBC: Company Accidentally Hires a North Korean Hacker

Mandiant cyber researchers have uncovered this fake IT worker profile

‍

With the rise of remote work, a new insider threat has emerged. North Korean hackers have been committing identity fraud to gain employment in organizations, collect sensitive data, and then hold the information for ransom… and companies are paying the price.

AI’s Role in the Deception

AI has been used to create fake headshots.

According to a report by Mandiant, dozens of Fortune 100 companies have been found to have accidentally hired North Korean cyber criminals. Once given access to the company’s computer network, the hackers downloaded sensitive company data and sent a ransom demand. This is the latest in a string of cases of western remote workers being unmasked as North Koreans.

Key Takeaway

Authorities warn employers to be vigilant about new hires if they are fully remote.

Failure to comply with document requirements can have serious consequences. These can include legal fines, damage to your reputation, and disruption of your operations.

— Is your organization compliant?
Learn More about Document Requirements

Forbes: NSA Says to Reboot Your Device Now

The NSA releases mobile device best practices for 2020.

The NSA previously issued a mobile device best practices guide that informs readers what they should avoid, disable, do, and not do to reduce risk. Forbes recently evaluated the guide, reinstating the need to turn your device off and on every week.

Key Takeaway

Consider rebooting your phone weekly to remove the threat of non-persistent malware.

“Inkit’s steadfast prioritization on data security, providing the best possible variable costs, and having a rockstar support team has made this partnership exceptional.”
— Aaron Williams, Head of Asana for Nonprofits
Learn More About DocGen at Inkit

Politico: Judge Orders the CDC to Stop Deleting Emails of Departing Staff

Judge finds ‘likely unlawful’ activity regarding the CDC’s deletion of employee emails.

U.S. District Judge Rudolph Contreras ruled in a 36-page opinion that “the [Center for Disease Control]’s policy and practice of disposing of former employees’ emails ninety days after the end of their employment is likely unlawful.”

Contreras said the agency appeared to have embraced the National Archives protocol known as the Capstone Plan and then abandoned part of it without permission.

Key Takeaway

A U.S. District Judge ruled that the CDC is possibly violating recordkeeping policies set forth by the National Archives protocol.

‍

airforce logo
“The assurance of data security is mission-critical to our everyday operations. The Inkit platform has provided us the single, all-inclusive solution we needed to maintain control and privacy over our information.”
Learn More About DocGen at Inkit
Black vital logo
“Using Inkit’s on-demand document generation and retention policies has proven to be highly successful for us. We’re using the API to generate application and adverse action notices. The platform provides us development and cost savings over implementing a custom solution.”
— Ed Cody, COO at Vital Card
Learn More About DocGen at Inkit
Black bird logo
“Inkit has enabled us to streamline our back office and collections, reducing program spend by up to 94%, while maintaining the flexibility to integrate with our existing apps and tools.”
— Jordan Hill, Product Manager at Bird Global
Learn More About DocGen at Inkit

Forbes: Internet Archive Breached for the Third Time

Encrypt your systems to avoid breaches of sensitive data.

In a series of escalating cyberattacks, the Internet Archive has confirmed a third security breach on October 20, 2024. Despite previous warnings and multiple breaches earlier this month, hackers were able to exploit unrotated Zendesk API tokens to gain access and potentially download sensitive support data, including personal identification documents submitted by users.

Key Takeaway

The Internet Archive suffers a breach of PII due to existing vulnerabilities with third-party software Zendesk.

‍

Trusted by Those Who Put Privacy First

Experience the leading secure document generation platform. See Inkit in action.

Book a Demo

All-in-One Solution for DocGen

Automate your document generation with Inkit. Get unparalleled control, security, and end-to-end encryption to help you scale.

Book a Demo

Records Retention & Archival on Auto-Pilot

Automate records retention compliance, safeguard documents, and destroy files based on your organization’s policies.

Book a Demo

End-to-End Encryption

Get peace of mind with our zero-access security to safeguard your private information.

Book a Demo

Easy & Secure Digital Signatures

Streamline your agreement process with Inkit. Create custom workflows to request and collect digital signatures.

Book a Demo

Forbes: Federal Employees, Update Your PC or Stop Using It.

Federal cyber agency issues warning for Microsoft Windows users

Due to “an unspecified spoofing vulnerability which can lead to a loss of confidentiality”, the US cyber agency has mandated all federal employees to “apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable” by October 29.

Key Takeaway

Federal employees must update their PC within the next ten days, or stop using it until they can.

‍

Book a Demo with Inkit
Book a Demo with Inkit

Spotlight Picks

Insights, strategies, and stories shaping the future of your industry.

Upcoming Webinars you Won't Want to Miss

Dive Deeper into the topics shaping cybersecurity and compliance in 2025. Join our experts for actionable insights and live Q&A sessions.

RELATED ARTICLES
February Insights: The Rules are Changing. No More Do-Overs
Read
January Insights: Your 2025 Survival Guide
Read
December Insights: Lessons From 2024
Read
Up Next
github iconlinkedin iconfacebook iconX icon
February 28, 2025

February Insights: The Rules are Changing. No More Do-Overs

AI risks, regulatory crackdowns, and Zero Trust shifts—2025 leaves no room for error. Stay ahead of breaches, data laws, and compliance changes.
Industry Deep Dives
January 17, 2025

January Insights: Your 2025 Survival Guide

2025 begins with AI threats, Zero Trust strategies, and evolving cyber risks. Equip yourself with insights and tools to lead confidently this year.
Industry Deep Dives
December 31, 2024

December Insights: Lessons From 2024

Lessons from 2024: AI-driven threats and quantum shifts reshaped cybersecurity. Stay ahead in 2025 with strategies for leaders like you.
Industry Deep Dives
Inkit logo
Secure Document Generation (SDG)
github iconlinkedin iconfacebook iconX icon
Platform
DocGen
Records Management
Workflows
Digital Signature
Company
Contact Us
Careers
Media Kit
Solutions
Financial Services
Government
Healthcare
Utilities
Document Streaming
Developers
Documentation
APIs
Libraries & SDKs
API Status
API Changelog
Resources
Insights
Encryption
Salesforce
DocRetention
Downloads

© Inkit Inc. All rights reserved.

Terms
Privacy
Legal
Site Map
Accessibility
We use cookies to enhance your browsing experience, serve personalized ads and content, and analyze our traffic. By clicking “Accept”, you agree to the use of cookies as detailed in our Privacy Policy and Cookie Policy.
PreferencesDenyAccept
Privacy Preference Center
When you visit websites, they may store or retrieve data in your browser. This storage is often necessary for the basic functionality of the website. The storage may be used for marketing, analytics, and personalization of the site, such as storing your preferences. Privacy is important to us, so you have the option of disabling certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may impact your experience on the website.
Reject all cookiesAllow all cookies
Manage Consent Preferences by Category
Essential
Always Active
These items are required to enable basic website functionality.
Marketing
These items are used to deliver advertising that is more relevant to you and your interests. They may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the website operator’s permission.
Personalization
These items allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. For example, a website may provide you with local weather reports or traffic news by storing data about your current location.
Analytics
These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues. This storage type usually doesn’t collect information that identifies a visitor.
Confirm my preferences and close