Hundreds of Fortune 500 organisations hired rogue North Korean IT workers.
Hundreds of Fortune 500 companies were penetrated by North Korean IT workers seeking to compromise firms' IT infrastructure and data from the inside.
Speaking during a media briefing at the RSAC 2025 Conference in San Francisco, Mandiant Consulting CTO Charles Carmakal said “there are hundreds of Fortune 500 organisations that have hired these North Korean IT workers.”
According to CyberScoop, mounting enterprise action against the fake IT worker scheme has also prompted North Korea, which has already generated significant income from such illicit activity, to extort targeted firms as part of its new strategy, said Carmakal
"The concern that we have is that there's always the potential that at some point in time, these actors that have taken data as part of their employment may publish it on the internet,” Carmakal added. “We haven't seen it happen yet, but that's the fear that most of these organisations have today.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
