04:05 GLOBAL
video interviews. The face on screen matched the photo in the file. The background check raised no alarms because the applicant used a stolen but valid U.S. identity. Only later did the company discover the photo had been altered with AI. The “new hire” wasn’t an engineer at all, but a fake IT worker with ties to North Korea. That’s the trick Mr. Robot always drove home: sometimes the real breach isn’t code, it’s people. Inside the Laptop Farms Here’s how the scheme works: a fake employee asks for their workstation to be shipped to a U.S. address. Once it arrives, they log in remotely from North Korea or China using VPNs. To appear available, they work overnight and match U.S. hours. On paper, they look like normal staff: meeting deadlines and collecting salaries. Behind the curtain, most of the money is redirected to fund North Korea’s cyber operations.
With AI tools, stolen IDs, and VPNs, fake candidates that are almost indistinguishable from the real thing can be created.
And this isn’t just theory. In Arizona, Christina Marie Chapman ran a “laptop farm” that let North Korean IT workers infiltrate more than 300 U.S. companies. Using stolen and fake identities, they secured jobs, got paid, and funneled more than $17 million through company payrolls. Chapman’s case made one thing clear: payroll itself can become a weapon. Companies weren’t just tricked; they were unknowingly bankrolling a hostile state. The Bigger Picture What happened at KnowBe4 isn’t a one- off. It’s a glimpse of how advanced organized crime and state-backed groups have become. With AI tools, stolen
IDs, and VPNs, fake candidates that are almost indistinguishable from the real thing can be created. This means HR, IT, and security teams can’t afford to operate in silos anymore. Hiring has become a frontline security issue. It’s no longer just about cultural fit or technical skill; it’s about trust, identity, and risk. Lessons Companies Can’t Ignore No one is immune. If a cybersecurity firm can be fooled, so can finance, retail, or manufacturing. Hiring is now risk management. What once lived only in HR now requires full collaboration with IT and security.
62 I 04:05
GLOBAL PAYROLL MAGAZINE ISSUE 17
Made with FlippingBook - Share PDF online