Encore: The Billion Dollar Hiring Scam Funding North Korea episode artwork

EPISODE · Jul 9, 2026 · 38 MIN

Encore: The Billion Dollar Hiring Scam Funding North Korea

from Threat Vector by Palo Alto Networks · host Palo Alto Networks and N2K Networks

Enjoy this encore episode of Threat Vector by Palo Alto Networks. North Korea has turned your hiring pipeline into a revenue machine. And most organizations have no idea. ⁠Evan Gordenker⁠, Director of AI Security and DPRK Operations at Unit 42, has led more than 160 investigations into sophisticated threat actors, including the North Korean IT worker networks quietly embedded inside global companies. He joins⁠ ⁠⁠David Moulton⁠ to unpack how this operation actually works, why common assumptions about remote work leave organizations exposed, and what security and HR teams can do to detect and disrupt it. You'll learn: - How DPRK operatives use deepfakes, fabricated identities, and real accomplice networks to pass interviews and land jobs at global companies - Why "we don't hire remote" is a dangerous assumption that no longer holds - What signals HR and SOC teams should look for, before and after someone is hired - How the threat has evolved from quiet wage theft to active extortion of former employers - What government collaboration and cross-border intelligence sharing can realistically accomplish Evan contributed to the UN Sanctions Monitoring Team report on North Korean operations and brings a rare combination of technical depth and geopolitical fluency to this problem. Having lived and worked across the US, EU, and Japan, he brings cultural context that matters when investigating a threat with global reach. His investigations have produced some of the most detailed profiles of DPRK operators in the security community. This episode is essential listening if you're: a security leader building out your insider threat program, an HR or talent acquisition leader who hasn't yet connected with your security team, or a threat intelligence analyst tracking how nation-state programs fund themselves. Related Episodes: - ⁠From Code to Compromise⁠ — Covers North Korean threat actors using fake job interviews to target developers via malicious IDE extensions. A strong companion to this episode's look at the broader IT worker scheme. -⁠Inside the Mind of State-Sponsored Cyberattackers⁠ — A deeper look at how nation-state operations are structured and why they're so hard to disrupt. #NationStateThreat #InsiderRisk About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

Enjoy this encore episode of Threat Vector by Palo Alto Networks. North Korea has turned your hiring pipeline into a revenue machine. And most organizations have no idea. ⁠Evan Gordenker⁠, Director of AI Security and DPRK Operations at Unit 42, has led more than 160 investigations into sophisticated threat actors, including the North Korean IT worker networks quietly embedded inside global companies. He joins⁠ ⁠⁠David Moulton⁠ to unpack how this operation actually works, why common assumptions about remote work leave organizations exposed, and what security and HR teams can do to detect and disrupt it. You'll learn: - How DPRK operatives use deepfakes, fabricated identities, and real accomplice networks to pass interviews and land jobs at global companies - Why "we don't hire remote" is a dangerous assumption that no longer holds - What signals HR and SOC teams should look for, before and after someone is hired - How the threat has evolved from quiet wage theft to active extortion of former employers - What government collaboration and cross-border intelligence sharing can realistically accomplish Evan contributed to the UN Sanctions Monitoring Team report on North Korean operations and brings a rare combination of technical depth and geopolitical fluency to this problem. Having lived and worked across the US, EU, and Japan, he brings cultural context that matters when investigating a threat with global reach. His investigations have produced some of the most detailed profiles of DPRK operators in the security community. This episode is essential listening if you're: a security leader building out your insider threat program, an HR or talent acquisition leader who hasn't yet connected with your security team, or a threat intelligence analyst tracking how nation-state programs fund themselves. Related Episodes: - ⁠From Code to Compromise⁠ — Covers North Korean threat actors using fake job interviews to target developers via malicious IDE extensions. A strong companion to this episode's look at the broader IT worker scheme. -⁠Inside the Mind of State-Sponsored Cyberattackers⁠ — A deeper look at how nation-state operations are structured and why they're so hard to disrupt. #NationStateThreat #InsiderRisk About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

NOW PLAYING

Encore: The Billion Dollar Hiring Scam Funding North Korea

0:00 38:27

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

MG Show MG Show The MG Show, hosted by Jeffrey Pedersen and Shannon Townsend, is a leading alternative media platform dedicated to uncovering the truth behind today’s most pressing political issues. Launched in 2019, the show has grown exponentially, offering unfiltered insights, comprehensive research, and real-time analysis. With a commitment to independent journalism and factual integrity, the MG Show empowers its audience with knowledge and encourages active participation in the political discourse. That Hoarder: Overcome Compulsive Hoarding That Hoarder Hoarding disorder is stigmatised and people who hoard feel vast amounts of shame. This podcast began life as an audio diary, an anonymous outlet for somebody with this weird condition. That Hoarder speaks about her experiences living with compulsive hoarding, she interviews therapists, academics, researchers, children of hoarders, professional organisers and influencers, and she shares insight and tips for others with the problem. Listened to by people who hoard as well as those who love them and those who work with them, Overcome Compulsive Hoarding with That Hoarder aims to shatter the stigma, share the truth and speak openly and honestly to improve lives. Flottengeflüster ALD Automotive Österreich | LeasePlan Beim Flottengeflüster powered by ALD Automotive | LeasePlan präsentieren Jörg Janik und Peter Gutenbrunner alle zwei Wochen spannende Informationen rund um das Thema nachhaltige Mobilität. Beide beschäftigen sich schon lange mit der Thematik und bringen umfangreiches Fachwissen mit. Sollten sie aber doch einmal nicht weiter wissen, werden unsere Expert*innen hinzugezogen, die ihnen gerne mit Rat und Tat zur Seite stehen. The Small Business Startup School – Business Notes | Financial Literacy | Retail Psychology – For Professionals & Entrepreneurs The Small Business Startup School Inc. Starting or buying a small business? While personal circumstances may vary, business patterns remain timeless. On The Small Business Startup School, we explore strategies, insights, and practical solutions to help entrepreneurs confidently navigate their journey.Hosted by Ola Williams—a retail entrepreneur, fintech founder, and financial coach with over two decades of experience—this podcast marries financial awareness and retail psychology with optimism to deliver actionable takeaways.Join us to learn, grow, and connect as we uncover the keys to business success.Let’s continue to learn together and be encouraged to keep on connecting!

Frequently Asked Questions

How long is this episode of Threat Vector by Palo Alto Networks?

This episode is 38 minutes long.

When was this Threat Vector by Palo Alto Networks episode published?

This episode was published on July 9, 2026.

What is this episode about?

Enjoy this encore episode of Threat Vector by Palo Alto Networks. North Korea has turned your hiring pipeline into a revenue machine. And most organizations have no idea. ⁠Evan Gordenker⁠, Director of AI Security and DPRK Operations at Unit...

Can I download this Threat Vector by Palo Alto Networks episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!