US tech giant Amazon has taken decisive measures to prevent North Korean workers from infiltrating its workforce, blocking over 1,800 applicants in recent months. This action arises amid mounting concerns regarding North Korea’s attempts to send IT workers abroad to generate and launder funds. Amazon’s Chief Security Officer, Stephen Schmidt, disclosed that the company has observed nearly a one-third increase in applications from North Koreans seeking remote IT jobs, particularly in the United States.
Amazon’s Response to North Korean Applications
In a LinkedIn post, Schmidt highlighted the alarming trend of North Korean workers attempting to secure remote positions with companies worldwide. He mentioned that these workers frequently operate through “laptop farms,” enabling computers in the U.S. to be remotely controlled from outside the country. This approach allows North Korean operatives to circumvent traditional employment barriers and access lucrative job opportunities. Schmidt stressed that this issue is not confined to Amazon, indicating that many companies across the tech sector likely face similar challenges.
Identifying North Korean Workers
Schmidt detailed some indicators that can assist in identifying North Korean applicants. These indicators include inconsistencies in phone number formatting and dubious academic credentials. The situation has drawn further attention following a recent incident in Arizona, where a woman received a sentence of over eight years in prison for running a laptop farm that helped North Korean IT workers secure remote jobs at more than 300 U.S. companies. This operation reportedly generated over $17 million in revenue for both the woman and the North Korean regime.
Broader Implications of North Korea’s Cyber Operations
The concerns regarding North Korean cyber activities reach beyond individual job applications. In July, South Korea’s intelligence agency warned that North Korean operatives had been using LinkedIn to impersonate recruiters, targeting South Koreans in defense sectors to extract sensitive technological information. Analysts, such as Hong Min from the Korea Institute for National Unification, have pointed out that North Korea is actively training cyber personnel and infiltrating key locations globally. The motives behind these operations appear largely economic, presenting a substantial risk of financial asset theft.
The Evolution of North Korea’s Cyber Warfare
North Korea’s cyber warfare capabilities have developed considerably since the mid-1990s. The country now operates a cyber unit known as Bureau 121, which is estimated to consist of around 6,000 personnel working from various global locations. Recent reports reveal that North Korean-affiliated cybercriminals have stolen over $3 billion in the past three years, primarily through cryptocurrency theft. In November, the U.S. government imposed sanctions on eight individuals connected to state-sponsored hacking, accusing them of conducting illegal operations to fund North Korea’s nuclear weapons program. This ongoing threat highlights the necessity for vigilance within the tech industry and beyond.
Digihunt is not a financial advisor, and this is not investment advice.