Wednesday, May 29, 2024

"Thousands of North Koreans stole Americans’ identities and took remote-work tech jobs at Fortune 500 companies, DOJ has said"

Doing the jobs Americans won't do.

First, the heads-up that the story was out there:

And from Axios, May 21:

North Korean IT workers game U.S. companies' hiring practices 

North Korean IT workers are posing as Americans to score coveted remote jobs and use the salaries to pay for their country's missile program.

Why it matters: Remote hiring practices have made it dangerously easy for North Korean IT workers to dupe hiring managers who historically had relied on in-person interviews to detect imposters.

  • These issues could be exacerbated as AI technologies get better at creating more realistic deepfake video and audio.

Driving the news: Federal prosecutors charged an Arizona woman and four other people last week with facilitating an elaborate North Korea-linked scheme to help their IT workers pose as U.S. citizens and secure remote tech jobs.

  • Workers landed jobs at more than 300 U.S. companies — including an aerospace manufacturer, U.S. automaker, a Silicon Valley tech company and other Fortune 500 companies — as part of this specific scam.
  • North Koreans used the identities of more than 60 U.S. people in their job applications and relied on VPNs to disguise their computers' actual location. The workers are linked to the regime's Munitions Industry Department, which oversees its ballistic missiles and weapons production programs, according to the State Department.
  • In total, this specific scheme generated at least $6.8 million in revenue.

What they're saying: "The scary part is that this is just sort of the tip of the iceberg," Greg Lesnewich, senior threat researcher at Proofpoint, told Axios.

  • "This is probably happening around the world and at a greater scale than we might be prepared to deal with."

Threat level: The U.S. government has been warning American companies about North Korean IT workers trying to get hired in remote jobs for at least two years.

  • The idea is simple: U.S. and other Western companies offer higher salaries and posing as Americans can allow North Koreans to bypass U.S. and U.N. sanctions that otherwise keep them from being hired.
  • Specifically, North Korean workers have been looking for freelance employment contracts in North America, Europe and East Asia, the U.S. warned at the time.
  • Complicating matters, many of these North Korean IT workers have also been expats that are based in China and Russia.

Between the lines: It's easier to bypass traditional identity verification tactics when interviewing for a job through video and phone calls, Lesnewich noted....


You have to ask: Where the hell are the FBI and CIA on this?  

Well, on October 19, 2020 here's where 51 of them were at:

Hunter Biden story is Russian disinfo, dozens of former intel officials say
More than 50 former intelligence officials signed a letter casting doubt on the provenance of a New York Post story on the former vice president’s son.