The cryptocurrency exchange Coinbase has announced significant changes to its hiring and personnel policies in response to the increase in cyberattacks from North Korean hackers. CEO Brian Armstrong stated that the organization is compelled to reassess remote work conditions to prevent attempts by North Korean IT specialists to gain access to critical infrastructure systems.
This is reported by Finway
New Requirements for Employees and Security Measures
According to Armstrong, malicious actors are actively exploiting remote work policies to conduct interviews and potentially infiltrate the exchange’s internal systems. In response, Coinbase is implementing mandatory in-person orientation for all new employees in the United States. Additionally, only employees who are U.S. citizens and have passed fingerprint checks will have access to critical systems.
Furthermore, during interviews, candidates must turn on their cameras to verify their identity and prove that they are not artificial intelligence or receiving prompts from third parties. This approach aims to prevent fraud and enhance the company’s cybersecurity level.
“It feels like every quarter they release another 500 new people from some school — and that’s their only job,” Armstrong shared in a conversation with John Collison, co-founder of Stripe, on the Cheeky Pint podcast.
Bribery Attempts and Criminal Liability
In addition to technical risks, Coinbase is facing attempts to bribe its employees. According to Armstrong, malicious actors have offered customer support staff hundreds of thousands of dollars in exchange for photographs of confidential information. The company emphasizes strict penalties for such violators — ranging from termination to referral to law enforcement.
He stressed that anyone caught collaborating with malicious actors not only loses their job but also risks imprisonment. Coinbase is also actively expanding its presence in the U.S., recently opening a new customer service center in Charlotte, North Carolina.
The issue of North Korean hacking attacks on American companies has become so pressing that the Federal Bureau of Investigation recently updated its warning about attempts by North Korea to launder profits for its regime through undercover IT workers. It is known that these individuals use front businesses, ship company laptops, or even conduct online interviews in place of actual candidates.
It is also worth noting recent court precedents: a U.S. citizen was recently sentenced to 8.5 years in prison for assisting North Korean IT specialists in securing employment under the guise of U.S. citizens.
In November 2024, reports emerged of numerous instances of North Korean hackers breaching hundreds of international organizations to fund their nuclear program through the theft of cryptocurrency assets.