Corea del Norte infiltra a falsos empleados en más de 300

"\"\\\"\\\\\\\"\\\\\\\\\\\\\\\"{\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"answer\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"briefing\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\":\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"Un \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u201cej\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e9rcito\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u201d de falsos empleados est\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1 infiltr\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1ndose en compa\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f1\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edas europeas: detr\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1s est\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1 Corea del Norte Una empresa europea publica una oferta para un puesto tecnol\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3gico en remoto y, tras varios filtros, contrata a un candidato que encaja perfectamente en el perfil. El curr\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edculum es s\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3lido, las entrevistas se desarrollan sin problemas y, sobre el papel, esa incorporaci\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n pasa a integrarse en el equipo como una m\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1s. Pero existe una posibilidad que hasta hace poco muchas compa\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f1\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edas ni siquiera contemplaban: que ese trabajador no sea quien dice ser. Expertos en ciberseguridad sostienen que este fen\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3meno procede casi exclusivamente de Corea del Norte, una pr\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1ctica documentada en Estados Unidos y cuyos primeros indicios empiezan a verse tambi\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e9n en Europa\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nEl problema de los empleados falsos en Europa. Para entender por qu\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e9 ahora empieza a preocupar en esta parte del mundo conviene mirar primero a lo que ya ocurri\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3 en el pa\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00eds norteamericano. All\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00ed, autoridades y especialistas en ciberseguridad llevan a\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f1os investigando un patr\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n muy concreto: supuestos profesionales tecnol\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3gicos que en realidad formaban parte de redes vinculadas a Pyongyang. De acuerdo con datos del Departamento de Justicia, estos operativos consiguieron infiltrarse en m\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1s de 300 empresas entre 2020 y 2024, generando al menos 6,8 millones de d\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3lares en ingresos para el pa\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00eds norcoreano.\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00a0\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nC\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3mo funciona el enga\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f1o. El proceso suele comenzar con la construcci\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n de una identidad profesional convincente. Seg\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00fan el Financial Times, los operativos pueden apropiarse de cuentas inactivas de LinkedIn o incluso pagar a sus propietarios para utilizarlas, y a partir de ah\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00ed levantar perfiles aparentemente leg\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edtimos con curr\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edculums falsificados y recomendaciones generadas por otros miembros de la red. Los modelos de lenguaje tambi\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e9n les ayudan a crear nombres culturalmente apropiados, direcciones de correo veros\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edmiles y mensajes que reducen las se\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f1ales ling\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00fc\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edsticas o culturales que antes pod\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edan delatarlos. En la fase de entrevistas, la tecnolog\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00eda juega un papel cada vez m\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1s importante: estas redes pueden recurrir a m\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1scaras digitales, avatares o filtros de v\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00eddeo, y cuando algunas empresas endurecen los controles, tambi\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e9n llegan a pagar a intermediarios reales para presentarse a las videollamadas en su lugar.\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nEl \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e9xito de este esquema no se explica solo por las herramientas tecnol\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3gicas que utilizan los falsos candidatos. Tambi\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e9n tiene que ver con una debilidad estructural dentro de muchas organizaciones. De acuerdo con expertos en ciberseguridad citados por el mencionado peri\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3dico, el proceso de contrataci\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n rara vez se ha considerado un frente de seguridad corporativa. Durante a\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f1os se ha gestionado principalmente desde recursos humanos, con controles pensados para evaluar talento, no para detectar operaciones de infiltraci\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n. Ese enfoque ha dejado una vulnerabilidad que estas redes est\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1n aprovechando.\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nUna vez dentro de la empresa. Superar el proceso de contrataci\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n es solo la primera fase de la operaci\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n. Algunos de estos esquemas incluyen la interceptaci\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n de los port\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1tiles que las compa\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f1\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edas env\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edan a sus nuevos empleados para trabajar en remoto. Tras acceder al equipo, los operativos pueden conectarse desde otros lugares y realizar su actividad laboral utilizando herramientas basadas en modelos de lenguaje y chatbots. Este sistema les permite cumplir con las tareas asignadas por la empresa y, en algunos casos, gestionar varios empleos tecnol\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3gicos al mismo tiempo. El riesgo, adem\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1s, no se limita al cobro de salarios, algunos tambi\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e9n roban informaci\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n o infectan los sistemas con malware.\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00a0\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nEn Xataka\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nUna mujer pas\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3 seis meses en prisi\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n porque una IA se equivoc\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3 de cara. Lo terrible es que nadie lo comprob\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nPara los analistas de amenazas, las primeras se\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f1ales de expansi\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n hacia Europa ya son visibles. De acuerdo con informaci\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n recogida por el Financial Times, investigadores han identificado indicios de que redes vinculadas a Corea del Norte est\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1n intentando reproducir en la regi\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n el mismo modelo que previamente se observ\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3 en el pa\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00eds norteamericano. Uno de los elementos que ha llamado la atenci\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n es la aparici\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3n en el Reino Unido de las llamadas laptop farms, espacios donde se concentran port\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1tiles conectados a distancia para que los operativos puedan trabajar como si estuvieran f\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edsicamente en el pa\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00eds. Este tipo de infraestructuras apunta a que el esquema podr\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00eda estar empezando a replicarse tambi\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e9n en Europa.\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nIm\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1genes |\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00a0Xataka con Nano Banana\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nEn Xataka | Sab\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edamos que Corea del Norte lleva a\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f1os infiltrando a trabajadores en empresas de Occidente. Ahora sabemos c\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f3mo lo hacen\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\n-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nLa noticia\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nUn \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u201cej\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e9rcito\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u201d de falsos empleados est\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1 infiltr\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1ndose en compa\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00f1\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00edas europeas: detr\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1s est\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\u00e1 Corea del Norte\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nfue publicada originalmente en\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nXataka\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\npor\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\nJavier Marquez\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\n.\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"}}\\\\\\\\\\\\\\\"\\\\\\\"\\\"\""