U.S. Warns Against Unintentionally Hiring North Korean IT Workers

U.S. Warns Against Unintentionally Hiring North Korean IT Workers
Tue, 05/17/2022 – 18:43

Connection to WMDs and missile programs

The advisory said North Korean IT workers are tapping into the demand for IT skills to get freelance contracts in North America, Europe, and East Asia. And in many cases, the workers circumvent hiring restrictions by representing themselves as U.S.-based or non-North Korean teleworkers – or hide their identities and location by sub-contracting work to non-North Koreans.  

Cybersecurity Live - Boston

They target opportunities across a wide gamut of specialities including mobile applications, mobile games, building virtual currency exchange platforms and digital coins, graphic animation, artificial intelligence-related applications, hardware and firmware development, and database development and management.

The “vast majority of them are subordinate to and working on behalf of entities directly involved in DPRK’s WMD and ballistic missile programs, as well as its advanced conventional weapons development and trade sectors. This results in revenue…being used by the DPRK to develop its WMD and ballistic programs, in violation of U.S. and UN sanctions,” the advisory said.

“Although DPRK IT workers normally engage in non-malicious IT work, such as the development of a virtual currency exchange or a website, they have used the privileged access gained as contractors to enable DPRK’s malicious cyber intrusions. Some overseas-based DPRK IT workers have provided logistical support to DPRK-based malicious cyber actors, although the IT workers are unlikely to be involved in malicious cyber activities themselves. DPRK IT workers may share access to virtual infrastructure, facilitate sales of data stolen by DPRK cyber actors, or assist with the DPRK’s money-laundering and virtual currency transfers.”

Guidance on the Democratic People’s Republic of Korea Information Technology Workers, Joint advisory of the U.S. Department of State, the U.S. Department of the Treasury, and the FBI, May 16, 2022

Cybercrime is how North Korea makes money

“Our recent research shows that cybercrime has become a primary means of revenue generation in North Korea,”…