Saturday, December 6, 2025

Controversy: South Korean Government’s North Korea Human Rights Report Drastically Reduced in Size

The government's North Korean human rights report has been reduced from 20 to 5 pages, reflecting significant changes in approach.

Russia Openly Violates UN Sanctions, Trading North Korean Labor in Defiance of US

A Russian agency advertises supplying 2,000 North Korean female workers weekly, raising concerns over human rights violations.

SM Entertainment Marks 30th Anniversary with Star-Studded Album Release

SM Entertainment celebrates its 30th anniversary with 2025 SMTOWN: THE CULTURE, THE FUTURE, featuring 17 tracks from 14 artists.

North Korean Spy Poses as AI Employee, Exposing Insider Threat to South Korean Businesses

NorthKoreaNorth Korean Spy Poses as AI Employee, Exposing Insider Threat to South Korean Businesses
2 min.
By Min Seok Kim
Michael Tremante, Senior Director of Application Security Products at Cloudflare, speaks during the press conference. 2025.9.9 / News1
Michael Tremante, Senior Director of Application Security Products at Cloudflare, speaks during the press conference. 2025.9.9 / News1

Cloudflare disclosed an incident in which a North Korean spy infiltrated a client company, emphasizing that South Korean businesses must be prepared for insider threats.

Michael Tremante, Cloudflare’s Senior Director of Application Security and Product, revealed the infiltration process during a press briefing on Tuesday at the Josun Palace in Gangnam, Seoul. He stated that there was an actual instance where a client hired a North Korean spy.

Tremante explained that an individual who had gone through the usual hiring process for an artificial intelligence (AI) company turned out to be a North Korean spy. He further noted that even though they passed the resume screening, it failed to detect the anomaly early enough, which allowed the spy to start working.

He continued that this individual exhibited behavior significantly different from that of regular employees, such as downloading an unusually large amount of data immediately after connecting to the virtual private network (VPN). Further noting that after reviewing their peculiar behavior and resume, it confirmed they were a spy and terminated their employment two months later.

Tremante underscored the seriousness of the situation by noting that there have been numerous cases where individuals presumed to be allies or internal staff turned out to be adversaries.

Earlier, Google\'s Threat Intelligence Group, Google Mandiant, OpenAI, and Korea University\'s Graduate School of Information Security issued reports warning about the spy activities of North Korean hacking groups.Google Mandiant reported that many Fortune 100 companies have inadvertently employed North Korean information technology (IT) personnel. These individuals often work remotely for multiple companies concurrently, gaining access to internal systems.Tremante also shared insights on the current state of distributed denial-of-service (DDoS) attacks in South Korea.He noted that the number of DDoS attackers targeting South Korea has been steadily increasing each quarter. Noting that fortunately, 47% of the attacks are SYN floods, which can be mitigated if networks have appropriate security measures in place.He added that the U.S. ranks as the top source of attacks, with Japan and Hong Kong also targeting South Korean government and corporate networks. Further noting that in highly competitive industries, companies frequently attack each other, leaving them perpetually exposed to DDoS threats.Meanwhile, Jo Won-kyun, the head of Cloudflare\'s Korean branch, stated that a recent network outage in South Korea occurred due to a break in the backbone fiber.
Earlier, Google’s Threat Intelligence Group, Google Mandiant, OpenAI, and Korea University’s Graduate School of Information Security issued reports warning about the spy activities of North Korean hacking groups.Google Mandiant reported that many Fortune 100 companies have inadvertently employed North Korean information technology (IT) personnel. These individuals often work remotely for multiple companies concurrently, gaining access to internal systems.Tremante also shared insights on the current state of distributed denial-of-service (DDoS) attacks in South Korea.He noted that the number of DDoS attackers targeting South Korea has been steadily increasing each quarter. Noting that fortunately, 47% of the attacks are SYN floods, which can be mitigated if networks have appropriate security measures in place.He added that the U.S. ranks as the top source of attacks, with Japan and Hong Kong also targeting South Korean government and corporate networks. Further noting that in highly competitive industries, companies frequently attack each other, leaving them perpetually exposed to DDoS threats.Meanwhile, Jo Won-kyun, the head of Cloudflare’s Korean branch, stated that a recent network outage in South Korea occurred due to a break in the backbone fiber.

Jo Won-kyun, the head of Cloudflare’s Korean branch, speaks at a press conference / Provided by Cloudflare

@@@

Check Out Our Content

Check Out Other Tags:

AIsecurityeconomyelectricteslaEVsciencenutrition

Most Popular Articles

Cars

Tech

future

health

© Copyright by News1. All Rights Reserved.