The Federal Bureau of Investigation (FBI), the US Department of State, and the US Department of the Treasury have issued an advisory warning organisations against unknowingly hiring North Korean IT workers.
North Korean nationals have been known to apply for several freelance and remote working tech positions in US-based companies, with the roles often requiring expertise in app development, graphic animation, artificial intelligence (AI), AR/VR, biometrics, cryptocurrency, and general IT support.
When hired, the remuneration paid to the IT workers, who in some cases earn even $300,000 (£240,687) per year, is one of the main sources of revenue for the Democratic People's Republic of Korea’s (DPRK) nuclear weapons and ballistic missiles programme.
Assistance in funding DPRK’s military operations is against US federal law, the FBI warned on Monday, with those helping the country evade sanctions – even unknowingly – likely to face up to five years in prison as well as a fine of up to $250,000 (£200,810).
RELATED RESOURCE
Save time, money and protect your mid-market business with strategic workforce solutions
Effectively handle your technology needs with superior capabilities to secure, manage, and support business PCs
To avoid potentially hiring North Korean nationals for tech roles, organisations have been urged to look out for inconsistencies in name spelling and personal information such as contact information or work location, as well as education history or biography. North Korean IT workers can be based in China, Russia, Southeast Asia, or even Africa to avoid suspicion, and often pose as nationals of other Asian countries. They are also likely to request payment in virtual currency in an attempt to avoid being identified by formal financial systems or use a freelance work platform as an intermediary.
To ensure that programmers and developers hired through freelance work platforms are who they claim to be, employers should verify candidates’ identities over a video call, as well as conduct thorough background checks. As documents including driver’s licences and university diplomas can be easily forged, organisations have been urged to directly contact the candidate’s educational institution or former employer, and avoid using reference contact information provided by the candidate.
The advisory comes weeks after programmer and blockchain expert Virgil Griffith, a US citizen based in Singapore, was sentenced to 63 months in prison and fined $100,000 (£77,000) for helping North Korea launder money and evade sanctions. Having illegally travelled to Pyongyang in April 2019, Griffith provided instructions on how North Korea could use blockchain technology such as smart contracts to negotiate nuclear weapons with the US.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Put AI to work for talent managementWhitepaper Change the way we define jobs and the skills required to support business and employee needs
-
The future of HR and talent in the age of generative AIWebinar Transform your people management, support your workforce, and optimize your HR strategy
-
Digital experience has to be at the heart of employers’ recruitment drivesSponsored As the Great Resignation rolls on, businesses need to live up to candidates expectations or risk losing out on top talent
-
Little is being done to address the tech industry's racial hiring bias, reportNews Non-white individuals are far less likely to be offered an interview compared to other applicant groups, research shows
-
Can the CBI survive its misconduct scandal?News The industry trade body has been embroiled in one of the largest scandals in British business history in recent weeks
-
How to choose an HR systemWhitepaper What IT leaders need to know
-
Amazon staff reportedly launch campaign to reverse 'shock' worldwide return to office plansNews An internal petition calls for CEO Andy Jassy to roll back planned requirements for corporate staff to return on a three-day basis
-
The tech industry needs to unionise now more than everOpinion Companies hoping to boost productivity should embrace unionisation so employees aren’t constantly anxious over job security or childcare arrangements
