North Korea's army of fake IT workers

Using AI and stolen information to craft false identities, they are becoming an 'increasing menace' to top tech companies in the US and UK

An American woman pleaded guilty in February to running a laptop farm with North Korean operatives that generated $17m over three years

A secretive group of North Koreans have been securing IT jobs across the US and UK, using AI tools and local accomplices to obscure their true identities.

"Their goal? Cashing in on top tech salaries to funnel millions of dollars back to Pyongyang for its weapons programme," said Politico.

How do they get hired?

First, the North Korean nationals set up fake LinkedIn profiles, from which they can network with recruiters and apply for jobs using their false identities. Applicants "claim to be from countries including Italy, Japan, Malaysia, Singapore, Ukraine, the US and Vietnam", said Bloomberg.

Most are actually based in Russia and China, said the US Department of Justice. Their fake identities are carefully crafted, including "pseudonymous email, social media, payment platform and online job site accounts as well as false websites, proxy computers, and witting and unwitting third parties located in the United States and elsewhere".

Once hired, the North Korean workers are onboarded with their false credentials, sometimes including a US "front" address, where American accomplices can receive company laptops and keep them running.

What's the goal?

To earn money for the North Korean regime. IT worker teams "are set 'earnings quotas' by Kim Jong Un's regime", Michael Barnhart, from risk management firm DTEX, told Wired. The workers operate on behalf of several North Korean military and intelligence organisations, with the money they earn channelled back into them.

In one operation, shut down by US authorities in February, North Korean IT workers had infiltrated more than 300 US companies, and collectively earned more than $17 million (£12.7 million). They are often paid in cryptocurrency, or via digital payment platforms, with traditional bank payments laundered through third countries like China before making their way back to North Korea.

What's being done about it?

North Korea has historically targeted US-based tech companies, but in response to increasing awareness of the problem among American employers, it is now expanding its operations to European firms.

John Hultquist, chief analyst at Google's Threat Intelligence group, said UK companies should insist on video or face-to-face interviews to help expose potentially fraudulent applicants. The "scheme usually breaks down when the actor is asked to go on camera or come into the office for an interview", he told The Guardian. However, it is reportedly becoming increasingly common for applicants to use real-time AI deepfake technology to change their appearance on video interviews.

Given the difficulty of targeting suspects based in North Korea or allied countries like Russia and China, US law enforcement agencies are increasingly turning their attention to the accomplices who help pull off the scams. In January, the Department of Justice issued indictments for two North Korean nationals and arrested three "facilitators". Two are US citizens accused of running so-called "laptop farms", which receive and operate company devices on behalf of North Korean operatives, while a Mexican national is accused of allowing fraudulent workers to use his identity.

Bryan Vorndran, assistant director of the FBI's cyber division, said that the indictments "should highlight to all American companies the risk posed by the North Korean government".