A North Korean imposter was uncovered, working as a sysadmin at Amazon U.S., after their keystroke input lag raised suspicions with security specialists at the online retail giant. Normally, a U.S.-based remote worker’s computer would send keystroke data within tens of milliseconds. This suspicious individual’s keyboard lag was “more than 110 milliseconds,” reports Bloomberg.
Amazon is commendably proactive in its pursuit of impostors, according to the source report. The news site talked with Amazon’s Chief Security Officer, Stephen Schmidt, about this fascinating new case of North Koreans trying to infiltrate U.S. organizations to raise hard currency for the Democratic People’s Republic of Korea (DPRK), and sometimes indulge in espionage and/or sabotage.
I don’t get why companies can’t solve this problem entirely by just flying out applicants for in-person interviews towards the end of the hiring process. Or hell, maybe only even ask the candidate to fly out for a visit after they’ve already accepted the job offer. Just one minimal and relatively cheap step to confirm the remote worker you’re hiring is who they claim to be. For the cost of a flight, a night or two in a hotel, and some meal vouchers, you can verify someone’s identity. Sure, maybe not for freelance work. But for any well paid technical field? This is a trivial expense.
I wonder how much it would cost to hire an actor for that. You know they would find ways around them.