Guess they didn’t KnowBe4.
(https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us) They are saying they caught the guy before he had access to anything important.
He made it though onboarding and got a company laptop with creds. Got flagged by SEC because he got malware day 1. Also they dug in and he was connected to the states with a VPN.
HR failed. SEC caught it. Now SEC/CIO yell at HR.
This report makes it sound like they had a video call with camera on, vs other reports where they recommend people have camera on because they didn’t
also used AI tools to create a profile picture and match that face during the video conference calls.
This doesn’t sounds like the video was on / faked only that they had a call where the profile picture was used.
Boy, I bet they wish they… (drumroll) KnewBe4