US officials warn against inadvertently hiring ‘rogue freelancers’ from North Korea

The US has issued a warning against hiring tech freelancers from North Korea and asked companies to be more careful, saying money earned by them was being taken by Pyongyang.

Several North Koreans were taking advantage of remote work opportunities from western countries, including the US, and hiding their association with North Korea to earn money for their government, said an advisory issued on Monday by the State and Treasury departments and the Federal Bureau of Investigation (FBI).

The statement said the effort was intended to circumvent US and UN sanctions on North Korea and “abuse the entire ecosystem of freelance work platforms” to bring in money for Pyongyang’s efforts to bolster their nuclear weapons and ballistic missile programmes.

“There are thousands of DPRK IT workers both dispatched overseas and located within the DPRK, generating revenue that is remitted back to the North Korean government,” the advisory stated, referring to North Korea by its formal name, the Democratic People’s Republic of Korea.

“These IT workers take advantage of existing demands for specific IT skills, such as software and mobile application development, to obtain freelance employment contracts from clients around the world, including in North America, Europe, and East Asia,” it added.

The advisory warned of many North Korean workers pretending to be from South Korea, Japan or other Asian countries.

It laid out a series of red flags for employers to watch for, including multiple logins into one account from various IP addresses, a refusal to participate in video calls and requests to receive payments in virtual currencies.

US officials said the North Koreans were mostly based out of China and Russia, with smaller numbers operating out of Africa and southeast Asia. Much of the money they earned is taken by the North Korean government, the advisory said.

It asked companies to “verify documents” and “closely scrutinise identity verification documents” among other steps to avoid hiring any North Koreans.

According to experts, while it is not always clear what these “rogue freelancers” are after, data theft and stealing funds are usually the main motivations.

“Defending against North Korean nation-state actors is difficult, particularly when these threats are now coming from both outside and inside organisations,” said Kevin Bocek, VP of security strategy and threat intelligence at cybersecurity firm Venafi.

“They are often well funded, highly sophisticated, and — as we’re seeing with this FBI warning — capable of thinking outside the box to find new ways to attack networks,” Mr Boceck said.

Officials said companies who hired and paid such workers may be exposing themselves to legal consequences for sanctions violations.

“Hiring or supporting the activities of DPRK IT workers poses many risks, ranging from theft of intellectual property, data, and funds to reputational harm and legal consequences, including sanctions under both US and UN authorities,” it said.

Additional reporting by agencies

Source link

Leave a Reply

Your email address will not be published.