North Korean hackers were behind almost half of recent breaches targeting US tech companies, according to CrowdStrike.
The security firm’s quarterly telemetry shows groups masquerading as remote IT workers or recruiters carried out the attacks. The data covers incidents from the last 12 months across the United States, Europe and Asia, with the US tech sector bearing the brunt. CrowdStrike identified the activity through shared indicators of compromise and recruitment patterns that matched known Pyongyang‑linked groups.
The finding matters because it highlights a persistent supply‑chain threat that bypasses traditional perimeter defenses. Companies that rely on freelance or contract IT staff may need stricter vetting and continuous monitoring to spot covert actors.
In short, the old advice to treat every remote worker as a potential entry point remains as relevant as ever.