Remote work enables global collaboration, but it’s not without risk. North Korean hackers have been using AI to commit fraud, gain employment with companies, steal valuable information, and then immediately ransom it for top dollar. Dozens of Fortune 100 companies have been affected by this elaborate scam.
In other news, the CDC’s retention policies are under fire as they’ve been found to delete emails of former employees in a non-compliant manner.
Document security and record retention are big themes this month, so without further ado, here’s a brief roundup of the stories I’m following this month.
BBC: Company Accidentally Hires a North Korean Hacker
With the rise of remote work, a new insider threat has emerged. North Korean hackers have been committing identity fraud to gain employment in organizations, collect sensitive data, and then hold the information for ransom… and companies are paying the price.
AI’s Role in the Deception
According to a report by Mandiant, dozens of Fortune 100 companies have been found to have accidentally hired North Korean cyber criminals. Once given access to the company’s computer network, the hackers downloaded sensitive company data and sent a ransom demand. This is the latest in a string of cases of western remote workers being unmasked as North Koreans.
Key Takeaway
Authorities warn employers to be vigilant about new hires if they are fully remote.
Forbes: NSA Says to Reboot Your Device Now
The NSA previously issued a mobile device best practices guide that informs readers what they should avoid, disable, do, and not do to reduce risk. Forbes recently evaluated the guide, reinstating the need to turn your device off and on every week.
Key Takeaway
Consider rebooting your phone weekly to remove the threat of non-persistent malware.
Politico: Judge Orders the CDC to Stop Deleting Emails of Departing Staff
U.S. District Judge Rudolph Contreras ruled in a 36-page opinion that “the [Center for Disease Control]’s policy and practice of disposing of former employees’ emails ninety days after the end of their employment is likely unlawful.”
Contreras said the agency appeared to have embraced the National Archives protocol known as the Capstone Plan and then abandoned part of it without permission.
Key Takeaway
A U.S. District Judge ruled that the CDC is possibly violating recordkeeping policies set forth by the National Archives protocol.
.avif)
Forbes: Internet Archive Breached for the Third Time
In a series of escalating cyberattacks, the Internet Archive has confirmed a third security breach on October 20, 2024. Despite previous warnings and multiple breaches earlier this month, hackers were able to exploit unrotated Zendesk API tokens to gain access and potentially download sensitive support data, including personal identification documents submitted by users.
Key Takeaway
The Internet Archive suffers a breach of PII due to existing vulnerabilities with third-party software Zendesk.
Forbes: Federal Employees, Update Your PC or Stop Using It.
Due to “an unspecified spoofing vulnerability which can lead to a loss of confidentiality”, the US cyber agency has mandated all federal employees to “apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable” by October 29.
Key Takeaway
Federal employees must update their PC within the next ten days, or stop using it until they can.
