KnowBe4 Launches Complimentary Training Module Following Thwarted North Korean Infiltration Attempt


New KnowBe4 training addresses critical security risks in hiring processes, sharing insights for other organizations to learn the pitfalls and avoid mistakenly hiring hackers 

KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced the release of a complimentary cybersecurity module aimed at enhancing organizational safety during the hiring and onboarding process.100-Secure-Hiring-Layout

This initiative comes on the heels of KnowBe4's recent experience in preventing a sophisticated infiltration attempt by a North Korean hacker during the hiring process. Unlike many organizations that have unknowingly hired nation-state IT workers, KnowBe4's security team detected and neutralized the threat within just 25 minutes, ensuring no illegal access was gained, and no data was lost, compromised, or exfiltrated on any KnowBe4 systems. In light of this incident and reports of similar successful infiltrations at other companies, KnowBe4 conducted a thorough evaluation of the hiring process, identifying critical vulnerabilities that state-sponsored actors attempt to exploit. The resulting free module addresses these key points, revamping traditional approaches to recruitment security.

This module addresses critical security risks in employee onboarding process and features an in-depth interview with KnowBe4 staff members who recount their real-life experience in uncovering a bad actor, working for a nation-state government, who was disguised as a new hire during the onboarding process. The module details KnowBe4's quick response to secure the network and subsequent efforts to educate others on this attempted attack and how it was stopped.

The new Secure Hiring and Onboarding module is designed to help organizations mitigate risks associated with the hiring process. It equips HR professionals, IT professionals, hiring managers and others involved in the recruitment process with the knowledge needed to identify and manage security threats that can arise during recruitment and onboarding.

By completing this module, participants will be able to:

  • Raise awareness about hiring-based security threats
  • Gain practical knowledge for identifying risks
  • Improve organizational hiring security practices

"In recent years, there has been a disturbing trend of state-sponsored hackers, particularly from North Korea, attempting to infiltrate organizations by exploiting the hiring process,” said John Just, chief learning officer at KnowBe4. “At KnowBe4, we experienced this firsthand and successfully prevented such an attempt. This module is born from that experience, turning our real-world encounter into actionable knowledge. By focusing on the hiring process, we are helping organizations strengthen their defenses at a critical point of vulnerability. We are now offering this training at no cost, empowering companies to detect and manage these sophisticated infiltration attempts from the very first interaction with potential hires. It is about transforming every step of the recruitment process into an opportunity to enhance organizational security."

To access KnowBe4’s free training module, please visit www.knowbe4.com/free-cybersecurity-tools/secure-hiring-and-onboarding.  

To learn about specific steps organizations can take to protect themselves, visit KnowBe4's blog post: North Korean IT Worker Threat: 10 Critical Updates to Your Hiring Process.

 

About KnowBe4

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 70,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. The late Kevin Mitnick, who was an internationally recognized cybersecurity specialist and KnowBe4’s Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Organizations rely on KnowBe4 to mobilize their end users as their last line of defense and trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

 

Get the latest about social engineering

Subscribe to CyberheistNews