AI-powered resumes? Hackers are using deepfakes and chatbots to pose as job applicants, targeting companies with a cybersecurity skills shortage. Here’s how to spot the fakes.
Companies in the market for cybersecurity professionals could face a new method of attack, made harder to spot because of artificial intelligence: Hackers posing as job applicants.
As cyber threats targeting U.S. companies multiply, some security leaders have increased scrutiny during hiring to weed out bad actors or applicants with overly embellished résumés.
Globally, the cyber sector faces a shortfall of roughly four million professionals, an increase of 12.6% from 2022, according to ISC2, a professional and certification group in cybersecurity. Fraudsters are seizing on the demand.
During The Wall Street Journal’s Tech Live: Cybersecurity conference on Thursday, Lili Infante, founder and chief executive of CAT Labs, said that North Korean hackers frequently target her cryptocurrency asset recovery startup by pretending to apply for jobs. Recruiters even refer some.
“We’ve weeded out over 50 candidates that were North Korean spies,” she said, “to the point where I had to put certain controls in place in my hiring process.”
Infante said that if hired, the spies could seek out intellectual property and steal corporate data. She added that if they can infiltrate a crypto firm, they could put vulnerabilities into code to loot assets.
U.S. officials have warned of a shadowy workforce of thousands of North Korean information technology workers in low-level jobs worldwide. They have helped Pyongyang evade harsh international sanctions and raise billions of dollars through computer fraud and hacking efforts—often helped by Westerners posing as would-be job applicants.
More than 300 U.S. companies unknowingly hired foreign nationals with ties to North Korea for remote IT work, the Justice Department alleged last month.
It isn’t just North Korean spies cyber hiring teams are looking to block. More common are applicants whose skills might not match their listed accomplishments.
Brent Conran, Intel’s chief information security officer, said at Thursday’s event that he personally interviews job candidates hired into senior levels within the chip giant. Intel has also arrayed “technical gates” to check for skills aptitude—a test Conran said he was required to pass.
Meredith Harper, senior vice president and CISO of credit-card issuer and financial services firm Synchrony Financial, said she’s typically able to detect if job candidates embellished résumés in the first five minutes of a conversation.
“It’s important to be able to see them, whether it’s on video or in-person, to feel the energy, to hear their answers to the specific questions,” Harper said at Thursday’s event.
However, the rise of AI tools has made it harder to spot impostors.
Chatbots like ChatGPT can help job applicants perfectly tailor résumés and generate cover letter answers. AI-created deepfakes, which bad actors can use to mimic real people on video and voice calls, have led to cyber breaches and increased sophisticated impersonation attacks.
“I always ask them to show their ID on video. That’s it. It has to match your face,” Infante said. “With deepfakes and remote work, it gets pretty easy if you’re not careful to hire a North Korean spy.”
To root them out, Infante said she’s suspicious of résumés that seem too good to be true. They also tend to have education listed in countries like Malaysia or Singapore but work experience only in the United States.
Also Read: Sudhakar Ramakrishna on Innovation, Adaptation, and Future Vision
Some résumés may contain phone numbers that are voice over internet protocol technology, or VoIP, which don’t require contracting with a cellular provider like Verizon or AT&T. Job candidates who lack an online presence also raise eyebrows.
Infante said she also puts applicants through an automated identity verification before a conversation and verifies their education credentials.
Since the generative AI boom started nearly two years ago, the cyber sector has been on high alert for an increase in AI-aided hacks and cybercrime. While the technology has given hackers a head start, 85% of surveyed cybersecurity professionals say it will aid their work in the long term, Clar Russo, CEO of ISC2, said at Thursday’s event.
