US Authorities intensify actions to counter an emerging threat: North Korean remote tech workers

Coordinated actions

The US Department of Justice announced new coordinated actions to counter an emerging threat in the country and the world: North Korean IT remote workers.

Sending thousands of workers

The FBI alerted about North Korean programmers infiltrating hundreds of companies, posing as American remote workers. They steal identities and hire citizens to mask their operations.

Months of operations

For several months, law enforcement agencies have prosecuted dozens of accomplices to the schemes. The North Korean regime uses it as another workaround to bypass sanctions.

Millions of dollars

According to American authorities, the country has collected millions in revenue from Western companies that believe they are paying remote IT workers legitimately.

Most recent scheme

The most recent scheme, unveiled on June 30, stripped American companies of over $3 million in damages and generated over $5 million for North Korea, prosecutors said.

An unlikely ally

The past scheme they uncovered granted the Asian country nearly $2 million in paychecks, The Wall Street Journal reported. An FBI press release detailed a case against Christina Chapman, a middle-aged resident of Phoenix.

Photo: Bestlifethrift (Christina Chapman) / TikTok

Laptop farm

Chapman, who had a very active TikTok account, harbored a laptop farm: she would receive devices from companies and install software for the North Koreans to control them remotely. The computers are visible in the background of the photo, behind a smoothie she was showing her followers.

Photo: Bestlifethrift (Christina Chapman) / TikTok

False US identities

She also aided the group in stealing US identities, filing tax forms, and receiving bankroll payments from US companies, the press release said. She was arrested in Litchfield Park, Arizona, on May 15.

Hundreds of companies

Federal prosecutors said she helped them steal 60 identities and infiltrate 300 US companies. According to Wired, she was approached via LinkedIn in 2020 and is not the only one.

Top Companies

The depth of the scheme allowed North Korean IT workers to enter top companies. According to her indictment, it included a Silicon Valley technology firm, media companies, and a carmaker, all Fortune 500 companies.

Other costs

That raised another concern for FBI agents: the danger to these companies' intellectual property as they fell prey to the fake remote workers.

Military technology

According to The New York Times, the latest case, in which American, Chinese, and Taiwanese citizens were accused, exposed sensitive information, including some related to military technology.

Custom-made programs

In Chapman’s case, a cybersecurity expert told the WSJ that he spotted seven custom-written programs designed to access company networks undetected when he reviewed one of the laptops from her farm.

Trained programmers

According to Wired, the programmers who run these schemes are talented and trained by North Korean Intelligence to enter Western companies and collect paychecks.

2022 advisory

A 2022 advisory by the FBI and the Departments of State and Treasury altered the public of what they called the "North Korean IT worker threat." Wired said Pyongyang has run the scheme "for maybe a decade."

Bypassing sanctions

These and other North Korean schemes aim to bypass international sanctions and access funds. The regime has devised several creative alternatives.

Cryptocurrency heists

The Wall Street Journal cited a systematic effort to steal cryptocurrencies. The newspaper said experts' analysis concluded that North Korean hackers have taken over $6 billion.