Korean

North Korean Spy Poses as AI Employee, Exposing Insider Threat to South Korean Businesses

Min Seok Kim
Michael Tremante, Senior Director of Application Security Products at Cloudflare, speaks during the press conference. 2025.9.9 / News1
Michael Tremante, Senior Director of Application Security Products at Cloudflare, speaks during the press conference. 2025.9.9 / News1

Earlier, Google's Threat Intelligence Group, Google Mandiant, OpenAI, and Korea University's Graduate School of Information Security issued reports warning about the spy activities of North Korean hacking groups.Google Mandiant reported that many Fortune 100 companies have inadvertently employed North Korean information technology (IT) personnel. These individuals often work remotely for multiple companies concurrently, gaining access to internal systems.Tremante also shared insights on the current state of distributed denial-of-service (DDoS) attacks in South Korea.He noted that the number of DDoS attackers targeting South Korea has been steadily increasing each quarter. Noting that fortunately, 47% of the attacks are SYN floods, which can be mitigated if networks have appropriate security measures in place.He added that the U.S. ranks as the top source of attacks, with Japan and Hong Kong also targeting South Korean government and corporate networks. Further noting that in highly competitive industries, companies frequently attack each other, leaving them perpetually exposed to DDoS threats.Meanwhile, Jo Won-kyun, the head of Cloudflare's Korean branch, stated that a recent network outage in South Korea occurred due to a break in the backbone fiber.
Earlier, Google's Threat Intelligence Group, Google Mandiant, OpenAI, and Korea University's Graduate School of Information Security issued reports warning about the spy activities of North Korean hacking groups.Google Mandiant reported that many Fortune 100 companies have inadvertently employed North Korean information technology (IT) personnel. These individuals often work remotely for multiple companies concurrently, gaining access to internal systems.Tremante also shared insights on the current state of distributed denial-of-service (DDoS) attacks in South Korea.He noted that the number of DDoS attackers targeting South Korea has been steadily increasing each quarter. Noting that fortunately, 47% of the attacks are SYN floods, which can be mitigated if networks have appropriate security measures in place.He added that the U.S. ranks as the top source of attacks, with Japan and Hong Kong also targeting South Korean government and corporate networks. Further noting that in highly competitive industries, companies frequently attack each other, leaving them perpetually exposed to DDoS threats.Meanwhile, Jo Won-kyun, the head of Cloudflare's Korean branch, stated that a recent network outage in South Korea occurred due to a break in the backbone fiber.

© Copyright by News1. All Rights Reserved.