In a bold move to address sophisticated cyber threats, Coinbase is rolling out strict new hiring and security protocols. CEO Brian Armstrong announced in a podcast that the crypto exchange is now requiring all employees to attend orientation in person, and requiring U.S. citizenship for anyone with access to sensitive systems. These moves are directly a response to the developing and growing threat from North Korean state sponsored hackers, who are leveraging remote work policies to penetrate companies.
This announcement comes after the Federal Bureau of Investigation (FBI) warned about North Korean IT workers masquerading as home-based, remote employees in order to gain entry into companies’ corporate networks. These bad actors are working toward stealing sensitive data and generating revenue for their regime. Armstrong explained, the scale of this threat is staggering, with a constant stream of new people being trained to engage in these malicious acts.
The Remote Work Vulnerability
Clearly, there are opportunities for companies and employees with remote work on the rise. But it also provided a new attack vector for criminal activity, especially cybercriminal activity. North Korean hackers particularly are experts at working in a non-centralized environment. They fabricate resumes and identities and apply to remote IT employment opportunities, usually with a person in the U.S. to help facilitate their job opening (e.g. attend a virtual interview, set up a front business, or even reship a company laptop). Ultimately they want to infiltrate the company for unauthorized access to their systems, then either exfilrate data useful to their adversarial state, or demand ransom for the data they compromised.
Verifying Identity in a Digital World
In a world filled with deepfakes and AI-generated personas, verifying a person’s true identity is more challenging than ever. Armstrong noted that Coinbase now requires job candidates to have their cameras on during interviews to ensure they are not AI-generated or being coached. The new policy, however, takes this a step further by requiring physical presence. The in-person orientation is designed to establish a “proof of physical presence,” which Armstrong and Stripe co-founder John Collison, the podcast host, believe will become increasingly important as cybercrime evolves.
A Multi-Pronged Approach to Security
Coinbase’s strategy isn’t limited to just new hires. The company is also taking aggressive steps to deter internal threats. Armstrong highlighted a disturbing trend where “threat actors” have offered bribes, sometimes amounting to hundreds of thousands of dollars, to customer service agents for sensitive information. To combat this, Coinbase has made it clear that the consequences for such actions are severe. As Armstrong put it, “When we catch people, they don’t walk out the door, they go to jail.” This zero-tolerance approach is a strong deterrent.
Securing Customer Support Operations
A key part of Coinbase’s enhanced security is the focus on its customer support infrastructure. In a move to reduce vulnerabilities associated with outsourcing, the company is building up its U.S.-based support. The recent opening of a new facility in Charlotte, North Carolina, is a testament to this effort. As it takes control of and operates on U.S. territory for its key operations and sensitive assets, Coinbase can more effectively manage security risks and threats directed towards its business. This move demonstrates bigger trends in the industry in taking critical operations in-house for security reasons.
The Wider Impact
Coinbase’s challenges are not theirs alone. The FBI is warning that North Korean IT worker scams have already steered millions of dollars back into Pyongyang. This has left companies positioned between the adoption of flexible remote work arrangements and strict security. For companies operating in the digital space and particularly high-value operational spaces like cryptocurrency, the Coinbase case reinforces that traditional notions of security may not suffice. Corporate security in the future may possibly indicate a strong focus on actual presence and formalized identity verification to ensure we are not outflanked by increasingly capable adversaries in the cyber landscape.



