Table of Contents
Amazon recently revealed that it had identified a North Korean spy infiltrated in its IT department. What exposed this sophisticated maneuver was a detail as minute as an abnormal latency in keyboard typing. This case highlights the evolution of digital surveillance techniques and the complexity of contemporary threats.
The 3 key facts not to miss
Amazon unmasked a North Korean spy thanks to an abnormally high keyboard typing latency. The company noticed that each keystroke took more than 110 milliseconds to reach its Seattle servers, a delay far beyond the typical few dozen milliseconds for an employee based in the United States. This discovery led to an in-depth investigation, which traced the trail back to China.
The person involved was hiding behind an apparently impeccable profile, but the analysis of micro-computer signals revealed the deception. The suspect computer was remotely controlled, and the investigation ultimately led to the arrest of an Arizona resident, found guilty of complicity.
Since April 2024, Amazon has identified and blocked more than 1,800 infiltration attempts orchestrated by North Korea, with a 27% increase each quarter. These operations aim to circumvent international sanctions imposed on Pyongyang and finance the regime’s weapons programs.
The impostors use misleading resumes, often from the same schools and companies, and present backgrounds difficult to verify from the West. They also betray themselves by a poor use of English articles and idioms, thus revealing their origin.
Gerome Billois, a cybersecurity expert at Wavestone, indicates that these infiltrations are not limited to the United States. He notes on LinkedIn that several European companies have also been targeted. This phenomenon highlights the evolution of internal threats, which now include sophisticated state operations.
The need for effective behavioral surveillance becomes increasingly evident to face these new threats. However, it also raises moral questions about how to manage these surveillance systems within companies.
Amazon, as a global leader in online commerce, has always been at the forefront of cybersecurity. The company invests heavily in advanced technologies to protect its systems and customers. With millions of transactions carried out every day, the security of its platforms is crucial to maintaining user trust.
The recent discoveries of North Korean infiltrations demonstrate the importance of proactive cybersecurity measures and adaptability in the face of constantly evolving threats. Amazon continues to develop and implement strategies to identify and neutralize new forms of attacks, thus ensuring the security of its operations and data.