A company accidentally hired a North Korean remote IT worker, who later stole sensitive company data and attempted to hold it to ransom after being fired, according to an American cybersecurity company.
The FBI has previously said that there are thousands of North Korean IT workers posing as non-North Koreans to get remote jobs in the US, to funnel money back to the North Korean state.
However, this extortion strategy seems to mark a shift in their tactics.
Secureworks, which shared details of the incident with Business Insider, said its Counter Threat Unit, or CTU, uncovered the activity after the unnamed company, based in either the US, UK, or Australia, received an extortion demand.
According to BBC News, the company hired the technician as a contractor after he had falsified his employment history and personal details.
Early into his four-month employment, he used remote-work tools to infiltrate the company’s systems, downloading a large amount of company data, per Secureworks.
Secureworks said the worker was later …