PinnacleOne ExecBrief | North Korean IT Worker Threat

This report details how North Korean IT workers are covertly infiltrating U.S. companies via fraudulent hiring, stolen identities, and remote access (using VPNs, proxy accounts, and mailed company devices) to generate revenue for the DPRK and potentially enable malware deployment or espionage; it highlights the Matthew Isaac Knoot prosecution and a KnowBe4 infiltration, lists attacker tactics and red flags for recruitment/onboarding, and provides mitigations including enhanced identity checks, device controls, and zero-trust/access monitoring.