Remember hearing about KnowBe4 hiring a North Korean remotely? They aren’t alone. In a report by Mandiant, dozens of Fortune 100 companies have unknowingly hired North Korean IT workers using fake identities, according to a Mandiant report. Often based in China or Russia, these workers gain access to sensitive systems, raising concerns about potential cyberattacks. The report highlights the need for companies to implement stricter hiring practices, including thorough background checks and verification of identities. U.S. law enforcement has initiated actions against those facilitating this scheme, which has reportedly generated significant revenue for the North Korean regime.
Conversely, over the past year, over half of organizations faced cyber threats, with 37% of surveyed IT and cybersecurity professionals reporting job losses due to cyber-attacks. Larger companies are significantly more affected, and these incidents contribute to both direct dismissals and broader layoffs.
N-able’s data indicates a 56% increase in disaster recovery events for Microsoft 365 domains in 2024, alongside a rise in backups among partners to enhance ransomware resilience. The report highlights over 3,400 cyber alerts in the first half of 2024, emphasizing the growing threat landscape. Managed Service Providers (MSPs) increasingly focus on backup services, with a 46% increase in protected Microsoft 365 users and a significant rise in data backed up, underscoring the critical need for robust data protection strategies.
Why do we care?
These insights highlight the critical importance of viewing cybersecurity through a holistic lens—addressing not just the technical aspects but the human, organizational, and strategic factors that underpin true resilience.
For IT service providers, this includes offering tools and services that support companies in vetting remote workers, particularly those in sensitive IT roles. This could involve partnerships with identity verification services or developing in-house solutions that integrate directly with HR systems.
Beyond technical solutions, companies need guidance on organizational resilience. This involves incident response planning, training programs, and the integration of AI-driven risk assessment tools that help identify weak points in both technology and personnel structures.