Summary: CrowdStrike’s investigation revealed that 40% of 200 alerted customers had unknowingly hired fake IT employees linked to a North Korean APT group known as Famous Chollima. This group used these rogue workers to deploy malware and steal valuable data from organizations. In response, CrowdStrike launched its Insider Risk Service to enhance detection and improve hiring practices to mitigate insider threats.
Affected: CrowdStrike’s customers, specifically organizations targeted by North Korean APT groups.
Keypoints :
- 40% of customers were victims of the Famous Chollima group, which infiltrated over 300 companies.
- The U.S. Department of Justice reported this as the largest criminal act involving IT workers, with estimated losses exceeding .8 million.
- CrowdStrike’s new Insider Risk Service aims to detect rogue employees and enhance hiring practices through comprehensive assessments and threat intelligence.
Source: https://www.darkreading.com/insider-threats/crowdstrike-highlights-magnitude-of-insider-risk