We all know that North Korea has been funding their terrorism – and their economy – using ransomware attacks and other malware. Now they have a new way and it is pretty creative.
According to an advisory from the feds, North Korean IT workers have been trying to get IT jobs in the United States – both in the government and private sectors.
The money they earn from working for U.S. companies and government agencies goes back to North Korea to fund WMD and ballistic missiles.
And apparently, we are not talking about 1 or 2 IT workers. According to the feds, they are sending thousands of these IT workers out to countries across the world.
Sometimes they act as freelancers, where the checks are less strict.
Or they look for telework, so they never have to meet a coworker in person.
Both perfect in a pandemic/post-pandemic world.
A team of DPRK IT workers can make $3 million a year. To fund North Korea.
To support this, the country has a whole network of high end university programs to train around 30,000 students at a time.
The fed’s advisory provides detailed information on how the North Korean IT workers operate, red flags to look for, payment platforms that they use and general mitigation measures companies can take.
Yes they are interested in your money.
But stealing your intellectual property is a side benefit.
Not to mention sharing your credentials with hackers at home.
The details in the advisory are fascinating as to how sophisticated they are at creating false identities and false locations. They never leave North Korea.
While you are not likely going to be prosecuted for hiring one of these people (unless it is obvious they are North Korean), it certainly is within the rules of engagement for the Office of Foreign Asset Control (OFAC) to do that. The rest of it – that could be really bad for your company.
Credit: Data Breach Today
Advisory: DoJ/Treasury Guidance