Howard Rabb

How North Korean hackers infiltrated Global IT companies


[Image: a room full of hackers sitting at desks]
Our graphics department (AKA Midjourney) thinks it may have looked something like this.

Early in 2020, 256 Solutions was just starting on its journey (I hate how that sounds as much as you do, I'm using the word journey there to sound ironic and edgy) of helping Hamilton companies manage their IT environments. Back then it was just me answering every call, handling every issue, and writing out every bill.


Later that year I had a conversation with another MSP owner that would change the trajectory of our company. He helped us figure out our service and pricing model and helped ensure we were helping everyone the way they needed to be helped. He asked me if I was planning on hiring any outsourced companies overseas to handle my help desk so that I could focus on growing the business. I told him no. I wanted my customers to know that when they pick up the phone and call us, we're here in Hamilton, just down the road and ready to help. I didn't like the move that so many IT companies (and many other companies) were making by offshoring these jobs. The moral issues aside, I just didn't think they could deliver the same level of service. I never for a moment thought about the security ramifications of actually performing this outsourcing. I just shot down the idea cold for customer service reasons.



[Image: a man working in his home office in Canada]
What ChatGPT thinks I must have looked like while starting the business in 2020. For one thing, my hair was a lot longer, and I seem to remember wearing more sweatpants.


Fast forward to today and we're finding out just how wrong things could go when you outsource your IT workforce. Earlier this year we started seeing news stories about companies being hacked by their own IT providers.


As it turns out, this isn’t just about bad service or communication barriers. Some businesses, including some well-established tech firms, unknowingly hired North Korean IT workers who were part of a government-funded operation designed to infiltrate Western companies. These workers were not just looking for jobs—they were looking for ways to access sensitive systems, move money, and funnel those funds directly back to North Korea’s weapons programs. North Korean cyber agents, posing as legitimate remote workers, used stolen identities and doctored resumes to gain employment, then leveraged their access to cause harm.


Organizations have been caught off-guard by how sophisticated these schemes are. The cyber operatives work from "laptop farms" and use VPNs to disguise their true locations, often making it appear as though they're operating within the country of the employer. They tend to shy away from video calls, and when they do provide a photo or identification, it’s often AI-enhanced to pass verification checks. These workers are often involved in multiple jobs simultaneously, pulling in salaries from several companies while using a fake identity.

This trend has evolved rapidly, especially with the rise of remote work during the pandemic. Businesses desperate for IT talent and stretched thin by security demands often don’t have the resources to properly vet remote candidates. This is exactly the gap that North Korean hackers have been exploiting.


The consequences of such infiltration are severe. Aside from financial losses, companies face the risk of long-term espionage and access to sensitive data being used for malicious purposes. And worse, this infiltration often goes unnoticed until after the damage has been done. Even worse than that, the money that was paid to these workers made its way back to a hostile regime that used that money to build more weapons. Irresponsible IT management directly impacted the safety and security of the world.


At 256 Solutions, we’re committed to keeping our operations in-house. Our team members work out of our Hamilton office on Kenilworth, right here, where we can maintain a higher level of oversight, collaboration, and security. We do have one remote employee, and if you've been with us a few years you'll know Darren, who started with us here in Hamilton before moving to Ottawa two years ago.


When you work with us, you know who’s on the other end of the line—and that we’re just as invested in keeping your systems secure as you are. If you have a problem that needs someone onsite, we're just a few minutes away. We may not be able to control the entire industry, but we can control how we operate. And that means protecting our customers from threats, not just from cybercriminals, but from the risks that come from outsourcing to unknown and unvetted providers.


If we can leave businesses with one lesson, it’s this: Be careful who you trust with your systems. Not all risks come from hackers breaking in from the outside—sometimes they’re sitting right in front of a company-issued laptop.
