A secretive group of North Koreans have been securing IT jobs across the US and UK, using AI tools and local accomplices to obscure their true identities.
"Their goal? Cashing in on top tech salaries to funnel millions of dollars back to Pyongyang for its weapons programme," said Politico.
The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
How do they get hired?
First, the North Korean nationals set up fake LinkedIn profiles, from which they can network with recruiters and apply for jobs using their false identities. Applicants "claim to be from countries including Italy, Japan, Malaysia, Singapore, Ukraine, the US and Vietnam", said Bloomberg.
Most are actually based in Russia and China, said the US Department of Justice. Their fake identities are carefully crafted, including "pseudonymous email, social media, payment platform and online job site accounts as well as false websites, proxy computers, and witting and unwitting third parties located in the United States and elsewhere".
Once hired, the North Korean workers are onboarded with their false credentials, sometimes including a US "front" address, where American accomplices can receive company laptops and keep them running.
What's the goal?
To earn money for the North Korean regime. IT worker teams "are set 'earnings quotas' by Kim Jong Un's regime", Michael Barnhart, from risk management firm DTEX, told Wired. The workers operate on behalf of several North Korean military and intelligence organisations, with the money they earn channelled back into them.
In one operation, shut down by US authorities in February, North Korean IT workers had infiltrated more than 300 US companies, and collectively earned more than $17 million (£12.7 million). They are often paid in cryptocurrency, or via digital payment platforms, with traditional bank payments laundered through third countries like China before making their way back to North Korea.
What's being done about it?
North Korea has historically targeted US-based tech companies, but in response to increasing awareness of the problem among American employers, they are now expanding their operations to European firms.
John Hultquist, chief analyst at Google's Threat Intelligence group, said UK companies should insist on video or face-to-face interviews to help expose potentially fraudulent applicants. The "scheme usually breaks down when the actor is asked to go on camera or come into the office for an interview", he told The Guardian. However, it is reportedly becoming increasingly common for applicants to use real-time AI deepfake technology to change their appearance on video interviews.
Given the difficulty of targeting suspects based in North Korea or allied countries like Russia and China, US law enforcement agencies are increasingly turning their attention to the accomplices who help pull off the scams. In January, the Department of Justice issued indictments for two North Korean nationals and arrested three "facilitators". Two are US citizens accused of running so-called "laptop farms", which receive and operate company devices on behalf of North Korean operatives, while a Mexican national is accused of allowing fraudulent workers to use his identity.
Bryan Vorndran, assistant director of the FBI's cyber division, said that the indictments "should highlight to all American companies the risk posed by the North Korean government".
-
September 20 editorial cartoonsCartoons Saturday's political cartoons include Senate confirmations, and mocking the powerful
-
21 Donald Trump political cartoonsCartoons The nation's cartoonists take on Donald Trump's relationship with Jeffrey Epstein, Jimmy Kimmel, war and peace
-
Passing sentence in Brazil: the jailing of Jair BolsonaroIn the Spotlight In convicting Brazil’s former president, its Supreme Court has sent a powerful message about democratic accountability – but the victory may be only a temporary
-
Kim Ju Ae: North Korea’s next leader?The Explainer Kim Jong Un’s young daughter is being seen as his ‘recognised heir’ following a high-profile public appearance at China summit
-
Denmark’s record-setting arms purchase raises eyebrows and anxietyIN THE SPOTLIGHT By eschewing American-made munitions for their European counterparts, the Danish government is bracing for Russian antagonism and sending a message to the West
-
'Axis of upheaval': will China summit cement new world order?Today's Big Question Xi calls on anti-US alliance to cooperate in new China-led global system – but fault lines remain
-
China is silently expanding its influence in American citiesUnder the Radar New York City and San Francisco, among others, have reportedly been targeted
-
Kabul braces for a waterless futureTHE EXPLAINER A confluence of manmade and environmental factors makes the Afghan city the first modern capital to risk running out of groundwater
-
An ancient Israeli cave teaches new archaeological lessonsThe Explainer The cave is believed to be one of the world's oldest burial sites
-
How China uses 'dark fleets' to circumvent trade sanctionsThe Explainer The fleets are used to smuggle goods like oil and fish
-
The countries that have recognized Palestinian statehoodThe Explainer The United Kingdom has become the latest country to weigh in on the issue
