How AI tools are making it harder to catch hackers posing as job applicants

11 months ago 22

Companies that are looking to cybersecurity professionals are facing a new challenge:

hackers

using artificial intelligence (AI) to disguise themselves as qualified applicants – making it difficult for employers to differentiate between legitimate job seekers and bad actors, a report has said.
According to a report by The Wall Street Journal, as cyberattacks on businesses rise, security leaders in the US are tightening hiring procedures to identify bad actors or those exaggerating their skills.

How these ‘applicants’ are ‘dangerous’ for the companies

Spies who are hired may steal intellectual property and corporate data. US officials have previously warned of a large, hidden workforce of North Korean IT workers in low-level jobs globally.
The report says that these workers help North Korea evade sanctions and generate billions through cybercrime, often aided by Westerners posing as

job applicants

.
The Justice Department recently alleged that over 300 US companies unknowingly hired foreign nationals with North Korean ties for remote IT jobs.

What company leaders have to say

Lili Infante, CEO of CAT Labs, a cryptocurrency recovery startup, shared at a cybersecurity conference that North Korean hackers frequently apply for jobs at her company, some even referred by recruiters.

“We've identified over 50 applicants as potential

North Korean spies

forcing us to implement stricter

hiring controls

,” Infante was quoted as saying.
Infante explained that in cryptocurrency firms, these hackers can introduce vulnerabilities to steal assets.
However, cyber hiring teams aren't just looking for state-sponsored actors, applicants with inflated resumes are also a concern.
AI tools

like ChatGPT makes spotting imposters harder as they can generate perfect resumes and cover letter answers. Additionally, AI-created

deepfakes

allow impersonation attacks through mimicked voices and videos, leading to

cyber breaches

.
“I always request ID verification on video. With deepfakes and remote work, it's easy to accidentally hire a North Korean spy if not careful,” Infante said.
Brent Conran, Intel's CISO, says that he personally interviews senior-level cybersecurity hires and uses “technical gates” to assess skills – a test Conran himself had to pass.

Article From: timesofindia.indiatimes.com

Read Entire Article

Note:

We invite you to explore our website, engage with our content, and become part of our community. Thank you for trusting us as your go-to destination for news that matters.

Certain articles, images, or other media on this website may be sourced from external contributors, agencies, or organizations. In such cases, we make every effort to provide proper attribution, acknowledging the original source of the content.

If you believe that your copyrighted work has been used on our site in a way that constitutes copyright infringement, please contact us promptly. We are committed to addressing and rectifying any such instances

To remove this article:
Removal Request