usatoday24
The cinema, the video games and the stories of double agents They have been showing the image of the spies as riskylonely and, sometimes, lustful. The reality is that this field work has gone to the background in an era in which cyberspage and labor infiltration prevails. China and North Korea are protagonists from time to time when we talk about this matter and, sometimes, the cover is so rough that a single question is enough to uncover the cake:
What is done on Halloween.
Steven Scott Jr. Smith. That name is the most American, the equivalent of José Pérez in Spain. Steven asked for work in Kraken, a bank and exchango of American cryptocurrencies and, from the first minute of the test, something failed.
As we read in FortuneSteven, who claimed to have 11 years of experience as a software engineer in companies like Cisco and two years living in Houston, Texas, connected to the video call with a different name than the one he showed in his curriculum and changed it quickly. He also answered simple questions with hesitation and, for more complex ones, it took something more to answer, as if he were talking to someone else who smeared the answers.
Cornering the spy. That alerted the recruiters, and that is where they began to ask questions that had nothing to do with work, since they hid another intention: catch what they thought it was a spy trying to sneak into their system. The interview was conducted on October 31, Halloween party in the United States, and recruiters asked three key questions.
- Given the comment that that night it would be necessary to close before because there would be children calling the doors of the houses, Steven commented that he would not do “special” if they called his.
- Among the interests that reflected in the curriculum was the food. One of the recruiters told him that he would go to Houston in a few days and that if he could recommend a city restaurant. Steven looked around, smiled and said “there is nothing special here.” Rare, considering that, in a city of 2.3 million inhabitants, at least one good restaurant must be.
- The third request was to show him an identification. Steven commented that he did not have it at hand, but after a few minutes, he shared a photo of his driving card with an address that is more than 480 kilometers from Houston.
In the following video of CBS you can see both the license and the question of the restaurants:
Culture of productive paranoia. Kraken herself tells the story in her blog, detailing that they realized that something was going wrong and continued with the interview with an objective: to study their focus to try to extract details about their identity. The companies that are dedicated to the crypto have had recent robberies and Nick Perceco problems, one of Kraken’s security responsible, states that these attacks are not an exclusive problem of companies such as their own, but a global threat.
It also points three keys to this recent espionage/robbery strategy:
- Not all attackers force the entrance, but try to enter through the main door of the companies, applying as employees.
- The generative AI facilitates deception, since it is used to pass the initial tests such as the curriculum or the photo, so the interviews seem key with verification questions that avoid predictable patterns. Halloween’s example or restaurant recommendation, for example.
- Finally, it is key to have a productive paranoia culture. They affirm that security is not only the responsibility of the recruitment and security equipment of companies, but that it should be a more global mentality.
It is not isolated. When Kraken’s team investigated Steve’s operational history, he discovered interesting things. For example, I used a Mac desktop located in a shared data center. It was connected using a VPN to hide both the location and the network activity and its curriculum was linked to a github profile in which a mail address compromised in a data filtration was included.
This agrees with previous research and discoverieswith spies that use that same proceed when connected using VPN to simulate that they are in a direction in the United States, but really being in North Korea and China. And they are not only trying to sneak into American companies: Europe does not get rid.
Missile industry. The suspicion of researchers? Double. On the one hand, there are spies that directly steal in their companies. An example are cases of crypto companies. But another case has to do with the sending of its full salary to the North Korean government to finance the arms industry.
Famous is the case by Christina Marie Champman in Arizona. A farm of remote computers operated from which the attackers simulate that they are on American soil. As noted CNNusing that network, 6.8 million dollars were achieved for, according to Bloombergfinance the North Korean nuclear weapons program.
China does not get rid, but it has another approach. And not only North Korea is interested in sneaking into Western companies: he has also caught China on occasion. The objective, however, is different: while some seek funds for their arms industry, others want knowledge for the development of the chips industry.
At the end of 2003, ASML (the European company that creates the most advanced machines to create avant -garde semiconductors) denounced the theft of confidential information, suspecting that one of its former employees andNt added business secrets to Huawei. Another spy was also accused of stealing SK Hynix information, DE new, for Huawei.
It is a major problem for the West, but also … for China. In mid -2024, the United States sent an alert message to ASML and the rest of the Netherlands universities: “Beware of Chinese students”And this is something that obviously puts a target on all students, also about the legitimate ones.
Images | Xataka with chatgpt
GIPHY App Key not set. Please check settings