this post was submitted on 24 Jul 2024
184 points (97.4% liked)

Technology

59086 readers
3268 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
184
How a North Korean Fake IT Worker Tried to Infiltrate Security Awareness Firm KnowBe4 (blog.knowbe4.com)
submitted 3 months ago by 0x815@feddit.org to c/technology@lemmy.world
20 comments fedilink hide all child comments
 

cross-posted from: https://feddit.org/post/1094761

Archived version

KnowBe4 needed a software engineer for our internal IT AI team. "We posted the job, received resumes, conducted interviews, performed background checks, verified references, and hired the person," the firm writes on its blog.

"We sent them their Mac workstation, and the moment it was received, it immediately started to load malware."

[Special points to KnowBe4 for publishing this on its blog. If this can happen to a security awareness firm, it can happen to everyone.]

you are viewing a single comment's thread
view the rest of the comments
[–] TrickDacy@lemmy.world 32 points 3 months ago (1 children)

That company's training materials are hilariously terrible.

[–] Shirasho@lemmings.world 17 points 3 months ago (2 children)

They treat you like a child with no self respect. They are awful.

[–] PM_Your_Nudes_Please@lemmy.world 28 points 3 months ago* (last edited 3 months ago)

It’s because the training materials aren’t aimed at the typical Lemmy user who knows how to dual-boot Linux and built their own hackintosh for fun. It’s aimed at Jim in accounts receivable, who is 2 years away from retirement and hasn’t learned any new tech literacy skills in the entire 23 years he’s been with the company. It’s aimed at Pam in HR, who panics and says the internet is broken because she deleted her Chrome desktop shortcut for the fifth time this week. It’s aimed at Jill in accounts payable, who called IT to say her computer wasn’t working, (the power was out in the entire building, because a trash truck hit the power lines across the street.)

IT deals with a lot of BS, from users who don’t know anything about how computers or modern scams/hacks work. KnowBe4 is aimed that those users, because an organization’s security is only as impenetrable as its dumbest “oh hey I found a USB drive outside the front doors. I’m gonna plug it in to see what’s on it” users.

[–] TrickDacy@lemmy.world 8 points 3 months ago (1 children)

Yep. The videos feel like they were designed by people who have never spoken to another human before. And yeah, seems like they are catering to old people who were new to email in 2003.

[–] UnpledgedCatnapTipper@lemmy.blahaj.zone 16 points 3 months ago (1 children)

That's because they are. Those are the people who are most likely to fall for phishing.

[–] TrickDacy@lemmy.world 5 points 3 months ago

All I know is I have to waste an hour or so on this crap every year and it's annoying.