How not to hire a North Korean plant posing as a techie
The RegisterOct 19, 2023
The US Dept. of Justice (DOJ) this week revealed it had confiscated 17 websites posing as legitimate US-based tech firms. The domains allegedly enabled North Korean IT workers to work remotely for US companies, defraud US companies, bypass sanctions, and garner money used to fund North Korean weapons programs.
According to a written statement made by the department's National Security Division on Wednesday, Assistant Attorney General Matthew Olsen said: "The seizures announced today protect U.S. companies from being infiltrated with North Korean computer code and help ensure that American businesses are not used to finance that regime's weapons program."
Thousands of North Korean techies have devised schemes to infiltrate foreign companies, including some in the US. China and Russia are also prone to hiring these agents, meaning that this problem transcends geography and geopolitics. There are steps US companies can take to avoid hiring North Korean plants, and they almost certainly will become more aware of this problem and address it. This relatively low-level operation can be solved rather easily by US companies.
American companies have been getting duped by savvy North Korean tech workers, allowing North Korean nationals to funnel money back to their home country. US-based companies either ignored warnings to remain diligent, or they simply didn't care enough to protect against foreign plants within their ranks. Either way, North Korea seems to be ahead of US internet security norms and processes. US companies also need to bear the brunt of better vetting and security protocols.