The North Korea fake IT worker scheme has become a pernicious threat across several industries. While best practices emphasize precautions throughout the hiring phase, once onboarded such operatives can be challenging to detect. Combinations of behavioral analytics, threat intelligence, and other points of information are taking shape as essential defenses, as a recent case attests.   According to a recent report from LevelBlue SpiderLabs, a suspected North Korea-linked operative was hired, passed security checks, and was assigned to work on Salesforce data before being identified and terminated 10 days later. It took a combination of geolocation anomalies, unmanaged device access, and threa...