US officials warn against inadvertently hiring ‘rogue freelancers’ from North Korea

US warns employers to look for red flags like requests to receive payments in virtual currencies

Stuti Mishra
Tuesday 17 May 2022 15:04 BST
Comments
Related: North Korea confirms 21 deaths and jump in cases of ‘fever’ as Covid-19 spreads

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The US has issued a warning against hiring tech freelancers from North Korea and asked companies to be more careful, saying money earned by them was being taken by Pyongyang.

Several North Koreans were taking advantage of remote work opportunities from western countries, including the US, and hiding their association with North Korea to earn money for their government, said an advisory issued on Monday by the State and Treasury departments and the Federal Bureau of Investigation (FBI).

The statement said the effort was intended to circumvent US and UN sanctions on North Korea and “abuse the entire ecosystem of freelance work platforms” to bring in money for Pyongyang’s efforts to bolster their nuclear weapons and ballistic missile programmes.

“There are thousands of DPRK IT workers both dispatched overseas and located within the DPRK, generating revenue that is remitted back to the North Korean government,” the advisory stated, referring to North Korea by its formal name, the Democratic People’s Republic of Korea.

“These IT workers take advantage of existing demands for specific IT skills, such as software and mobile application development, to obtain freelance employment contracts from clients around the world, including in North America, Europe, and East Asia,” it added.

The advisory warned of many North Korean workers pretending to be from South Korea, Japan or other Asian countries.

It laid out a series of red flags for employers to watch for, including multiple logins into one account from various IP addresses, a refusal to participate in video calls and requests to receive payments in virtual currencies.

US officials said the North Koreans were mostly based out of China and Russia, with smaller numbers operating out of Africa and southeast Asia. Much of the money they earned is taken by the North Korean government, the advisory said.

It asked companies to “verify documents” and “closely scrutinise identity verification documents” among other steps to avoid hiring any North Koreans.

According to experts, while it is not always clear what these “rogue freelancers” are after, data theft and stealing funds are usually the main motivations.

“Defending against North Korean nation-state actors is difficult, particularly when these threats are now coming from both outside and inside organisations,” said Kevin Bocek, VP of security strategy and threat intelligence at cybersecurity firm Venafi.

“They are often well funded, highly sophisticated, and — as we’re seeing with this FBI warning — capable of thinking outside the box to find new ways to attack networks,” Mr Boceck said.

Officials said companies who hired and paid such workers may be exposing themselves to legal consequences for sanctions violations.

“Hiring or supporting the activities of DPRK IT workers poses many risks, ranging from theft of intellectual property, data, and funds to reputational harm and legal consequences, including sanctions under both US and UN authorities,” it said.

Additional reporting by agencies

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in