A North Korean imposter was uncovered, working as a sysadmin at Amazon U.S., after their keystroke input lag raised suspicions with security specialists at the online retail giant. Normally, a U.S.-based remote worker’s computer would send keystroke data within tens of milliseconds. This suspicious individual’s keyboard lag was “more than 110 milliseconds,” reports Bloomberg.

Amazon is commendably proactive in its pursuit of impostors, according to the source report. The news site talked with Amazon’s Chief Security Officer, Stephen Schmidt, about this fascinating new case of North Koreans trying to infiltrate U.S. organizations to raise hard currency for the Democratic People’s Republic of Korea (DPRK), and sometimes indulge in espionage and/or sabotage.

Schmidt says that Amazon has foiled more than 1,800 DPRK infiltration attempts since April 2024. Moreover, the rate of attempts continues apace, with Amazon reckoning it is seeing a 27% QoQ uplift in North Koreans trying to get into the Amazon corporation.

You have to look for them, to find them

However, Amazon’s success can be almost entirely credited to the fact that it is actively looking for DPRK impostors, warns its Chief Security Officer. “If we hadn’t been looking for the DPRK workers,” Schmidt said, “we would not have found them.”

With this company policy explained, a blip on the Amazon security radar was caused earlier this year when a new sysadmin’s Amazon laptop monitor alerted security personnel about unusual behavior.

Amazon security experts took a closer look at the flagged ‘U.S. remote worker’ and determined that their remote laptop was being remotely controlled – causing the extra keystroke input lag. Schmidt emphasizes that good-quality security software was key to this investigation.

It turns out that the DPRK had access to this Amazon laptop located in Arizona. A woman found to be facilitating this fraud on behalf of North Korean imposter workers was sentenced to several years in prison earlier this year.

As well as red flag computer network symptoms, the fumbling use of American idioms and English-language articles continues to be a giveaway when conversing with such impostors.

Tip of the iceberg

The problem of North Koreans infiltrating U.S. corporations for profit, mischief, and more is undoubtedly a serious one. We’ve covered sizable FBI seizures of equipment recently, perhaps showing just the tip of the iceberg. More successful infiltrations by the DPRK, as well as hostile nations like Iran, Russia, and China, are likely to be ongoing.

Follow Tom’s Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.