You are currently viewing Be careful not to unwittingly hire North Korean IT freelancers – Security

Be careful not to unwittingly hire North Korean IT freelancers – Security

North Korean information technology freelancers are taking advantage of skills shortages around the world to land lucrative contracts that earn the authoritarian nation much-needed currency, the United States has warned.

Individually, North Korean computer scientists can make over US$300,000 (AUD$431,600), with teams earning 10 times that amount.

However, the workers themselves see little of the wages they earn, as the North Korean government withholds up to 90% of earnings.

Workers are also subject to human trafficking, forced labor, excessive working hours under the close supervision of government security officers, and unsafe and unsanitary living conditions, the United States said.

In total, the United States estimates that computer scientists bring hundreds of millions of dollars to the North Korean government, accused of using these funds to develop nuclear weapons and weapons of mass destruction.

North Korean IT workers use various tricks to get jobs, US agencies say in joint advisory [pdf].

They target freelance contracts offered in North America, Europe and East Asia, while posing as South Korean, Chinese, Japanese, Eastern European or US-based remote workers .

The North Koreans have also tried to obscure their identity by creating agreements with other third-party contractors and independent online platforms to hide their nationality, the United States said.

Faked and stolen credentials are also used by North Korean developers to conceal their identities.

North Korean IT professionals target a wide range of tasks, ranging from mobile and web application development, animation, general support, online gambling, hardware and firmware, management databases and virtual reality.

Although computer scientists normally engage in non-malicious missions, some have used their privileged access to enable North Korean cyber intrusions, the United States said.

Others also reportedly helped North Korea procure weapons of mass destruction and ballistic missile-related items for the country’s banned weapons program.

In recent years, the North Korean regime under its Supreme Leader Kim Jong Un has placed more emphasis on computer training and education, with dozens of academic programs made available to tens of thousands of people. university students.

Hiring North Korean IT personnel exposes organizations and individuals to potential legal consequences such as U.S. and United Nations sanctions, as well as reputational risks, U.S. officials have warned.

The United States is asking organizations to better verify the documents presented by job applicants, use video interviews and apply technical measures such as verifying whether applicants are accessing freelance platforms remotely via software. desktop sharing or virtual private network applications.

Leave a Reply