A North Korean imposter was uncovered, working as a sysadmin at Amazon U.S., after their keystroke input lag raised suspicions with security specialists at the online retail giant. Normally, a U.S.-based remote worker’s computer would send keystroke data within tens of milliseconds. This suspicious individual’s keyboard lag was “more than 110 milliseconds,” reports Bloomberg.
Amazon is commendably proactive in its pursuit of impostors, according to the source report. The news site talked with Amazon’s Chief Security Officer, Stephen Schmidt, about this fascinating new case of North Koreans trying to infiltrate U.S. organizations to raise hard currency for the Democratic People’s Republic of Korea (DPRK), and sometimes indulge in espionage and/or sabotage.
It’s not that, it’s that they are incredibly sophisticated in their techniques. I just had to sit through 90 minutes of training about how to spot fake applicants.
I don’t get why companies can’t solve this problem entirely by just flying out applicants for in-person interviews towards the end of the hiring process. Or hell, maybe only even ask the candidate to fly out for a visit after they’ve already accepted the job offer. Just one minimal and relatively cheap step to confirm the remote worker you’re hiring is who they claim to be. For the cost of a flight, a night or two in a hotel, and some meal vouchers, you can verify someone’s identity. Sure, maybe not for freelance work. But for any well paid technical field? This is a trivial expense.
It not practical at a remote first company to fly people out to where we happen to have offices when they could be working from anywhere.
It’s cheap-ish for a flight, but at scale, the starts to become an expensive hiring pipeline.
I feel this can be bypassed the same way remote interviews have been passed, you have a talented dude A actually trained to pass whatever verification is needed, and whenever there’s privacy, it switches to dude B, while dude A moves to another recruitment process. I think I have heard about this kind of dude A offering his services online for anyone ready to pay.
Anyone else has never seen the face of one of their full remote colleague? I have one in my team, he does a good job though, however many they may be behind him.
I wonder how much it would cost to hire an actor for that. You know they would find ways around them.
So what did you learn?
It’s more a list of warnings signs.
There’s more than that, but those are the highlights.
Yeah capitalism says: but cheaper worker ok