A North Korean imposter was uncovered, working as a sysadmin at Amazon U.S., after their keystroke input lag raised suspicions with security specialists at the online retail giant. Normally, a U.S.-based remote worker’s computer would send keystroke data within tens of milliseconds. This suspicious individual’s keyboard lag was “more than 110 milliseconds,” reports Bloomberg.
Amazon is commendably proactive in its pursuit of impostors, according to the source report. The news site talked with Amazon’s Chief Security Officer, Stephen Schmidt, about this fascinating new case of North Koreans trying to infiltrate U.S. organizations to raise hard currency for the Democratic People’s Republic of Korea (DPRK), and sometimes indulge in espionage and/or sabotage.
Sounds much better than “Amazon surveils keystrokes of its IT workers”!
This was also my takeaway. Sounds like a security nightmare if they are logging any data.
If you use a company-provided computer for work, then it’s safe to assume they’re already doing that.
The problem is that you don’t want to record important information like passwords so if they did log them, it’s another possible vector of loss. I e if someone got into that copy of the data
That’s a valid point.
Well it isn’t paranoia if North Korean impostors really are working in your company.
Yeah, hate it all you want. But risk scales with the amount of employees you have. At the scale of Amazon you have to do literally everything to minimise risk.
How am I the first person to ask why they’re measuring the latency on everyone’s keystrokes?
I’m never quite sure how to feel about this. On one hand, if the person just wants to make some money and they’re doing the job, why bother them. On the other hand though, I know that anybody who has consistent access to an internet connection in North Korea is almost certainly working for the benefit of the great leader and they aren’t actually seeing any money or benefit for themselves. I just hate that the citizens of North Korea have to suffer and be punished because of their asswipe of a leader.
When you look at the ISS pics of NK during the night, you get a sense of how bad it is for most of the population.
Maybe they just really like the Dark Sky initiative.
I like how they point out that tiny batch of lights near the coast are NK fishing boats while all the other massive clusters of lights on the ocean are South Korean, Chinese and Japanese fishing boats illegally using spotlights to attract fish.
Always curious to hear how NK has no electricity, but they manage to hack the systems of a trillion dollar conglomerate on the opposite side of the Pacific Ocean.
The contradictions abound.
It kind of amazes me they don’t have better infrastructure. It’s not like they’re shy about forced labor.
You can only do so much with forced labour. They aren’t doing their best, just “enough” to not get punished.
I’m sure plenty of them also use malicious compliance and sabotage stuff to get back at the top brass.
You can only do so much with forced labour.
There’s a certain irony in this statement, coming from folks who consume it regularly.
seeing the stars instead of light pollution doesn’t sound like a bad thing on its own
They’re also a security threat. Any opportunity to exfiltrate potentially profitable or leverageable data will be taken. I’d bet they’re used to sniff out vulnerabilities for ransomware attacks too. I definitley identify and agree with the healthy sympathy (I guess empathy if you’re in the states, our leader more than qualifies as an asswipe) for the citizens of North Korea
North Korea intentionally does this to get revenue for the state.
These people are definitely not there just to make some money. And whatever money they make will be used to prop up the genocidal regime.
I know that anybody who has consistent access to an internet connection in North Korea is almost certainly working for the benefit of the great leader and they aren’t actually seeing any money or benefit for themselves.
Eh, this doesn’t sound like the job you would give someone in a prison camp. You’re talking about people that you’re allowing to interact and work regularly with foreigners outside the country. That does not sound like the type of position you trust to a political prisoner. That sounds like a position you put someone of high trust. It’s probably a pretty cushy job as the standards of North Korea go. Sure beats scratching at dirt or working in some godawful arms factory. It’s probably the type of job you need some good family connections in the Party in order to get. Sure, the government takes all the direct monetary benefit of the work, but that is just kindof how Communist systems work. I imagine the people working those jobs have some of the highest standards of living available to people that aren’t senior party leadership.
deleted by creator
North Korea is the result of a genocide carried out by Japan during WW2 and the subsequent genocidal bombing campaign of the US during the Korean war. It was then shut off from the rest of the world as a punishment for successfully resisting US and pro Japanese occupation. What type of leadership and society do we expect to grow out of that? Like, honestly, what type of freedom can be given to people when a country is being cut off from the rest of the world by a large military superpower like the US?
I think people have learned a lot in recent years by looking at Gaza and the conditions the US and Israel have placed on the Palestinians there. I think people understand that Hamas and it’s leadership are the inevitable result of that type of occupation. I hope people can learn from that and realize that there is not something inferior with a place like North Korea. It’s structures of isolation and state control are the inevitable result of the history and current material conditions it faces.
There is a reason that support for Palestine liberation is nearly 100% among the non western world. Because they all see themselves in the Palestinians.
Do I like the leadership of North Korea? No. Do I like the leadership of Hamas? No. But I understand that they won’t change until the threat and oppression of outside powers is stopped.
The west fucks with so many countries and then uses the current instability that the west caused as a reason for why they need to fuck with them more. Venezuela being the latest iteration.
Are you the North Korean Amazon employee? Anyway, North Korea is a CCP vassal state, you invaded South Korea and isolated yourselves.
Given that you seem to know a lot about Korean history. Do you think the Jeju Massacre was justified?
Like, we learn about the Boston Massacre and cheer on American revolutionaries. But for some reason a militant response to an oppressive state filled with Japanese loyalist is considered bad when Koreans do it.
South Korea’s history is largely that of state oppression and a fascist dictatorship. What in your opinion was the reason the North attacked the South? Do you think events unfolded before that? Or did the North just attack because they wanted to prevent kpop?
Full support from China to return the entire Korean peninsula under their control as a vassal state.
On one side I feel like “cool, they managed to find a spy on this sophisticated way”
On the other side I’m thinking what kind of intrusive keylogging malware did they install on all their employees laptops…
This article is just building justification for spying on your employees
I mean, if it’s a company-owned laptop, they can do whatever the fuck they want with it. I bring a personal laptop to work for browsing and YouTube and whatnot, attached to a VPN.
deleted by creator
Isn’t this an example of them taking it pretty seriously?
I wonder how many they’ve missed over the years, this kind of thing has been occuring since at least 2012.
Reminded me of the ‘critical infrastructure company’ (I presume utility) software developer who handed all his credentials over to a worker in China, including mailing them his RSA keyfob, and wasn’t discovered for months until the company security team noticed VPN logins coming from China.
Apparently it’s become even easier for malicious remote workers to fake resumes and identities to gain jobs via AI, so I hope all major companies are monitoring their remote access very closely.
weasel language. the “infiltrators” are literally working a job for them.
Correct. The hostile actor gained employment with their victim, a common method of infiltration. You should look up the definition of infiltration.
working a job is not infiltration.
It kinda is, its practically a requirement for a lot of corporate espionage and a lot of spies have entire lives alongside their spy duties. Also fun joke I’ve heard about Vladivostok during the Cold war, “There were surprisingly only a handful of people in that city, American spies, Soviet counter intelligence, smugglers, cargo movers, and baristas who ignored the whole mess” heard that from an ex-CIA guy who was doing a talk at a spy exhibit back when I was a kid.
so? does working a job == espionage because it’s north korea? i don’t think they have ever gone at war or any kind of open conflict with western countries at all recently excluding the thing with south korea and the us not liking their existence…?
why are their workers totally all spies as opposed to say, chinese ones, which might even have a stronger interest in keeping an eye on the west? you don’t seem to have much issue with them.
as i said to me, it sounds like weasel language to smear this specific country for trying to get around the sanctions imposed on them.
The Norks have quite literally done data breaches and major hacks via this exact method in the past. They basically have nothing to lose on the international level so they do this and then trade it to countries like China or Russia for whatever it is they want. If they didn’t have a documented history of doing shit like that nobody would assume espionage.
If they didn’t have a known tendency towards weird espionage shit going back to the 50 and 60s nobody would care, but they do have a known tendency towards doing weird espionage shit.
and the chinese has been stealing back tech from you for decades this exact way, but you don’t mind them working for you.
maybe if they weren’t santioned from hell and back.
By itself no, but employment absolutely is compatible with infiltration. In fact, it doesn’t even have to be a foreign-state actor, or even a witting party (e.g. clicking on stuff in spam mail). See: insider threat, and data exfiltration.
Yeah, and its curious to see you getting downvotes for the intra-departmental outsourcing that’s been rampant through the tech sector for a while now.
What we’ve got isn’t some nefarious plot by the Chinese-Adjacent to invade our precious trillion dollar tech industry. Its the deliberate consequence of sanctioning a country to the hilt to devalue local labor, then exploiting the sanctioned locals to extract labor at below market rate.
deleted by creator
This is not some kind of facewashing?
No
What is facewashing?
When you lick your paw and then you rub it on your face.
You should try it sometime.
