North Korean IT Workers Infiltrate U.S. Remote Work Environments Using Stolen Identities and AI

Over the course of three years, North Korean IT workers took advantage of remote work environments to infiltrate U.S. companies and divert funds to their country’s nuclear missile program. 

According to the U.S. Justice Department, an Arizona-based woman named Christina Chapman helped North Korean IT and other foreign-based IT workers — who posed as U.S. citizens and residents — in a scheme that landed them work at over 300 U.S. firms. The effort resulted in at least $6.8 million in revenue to be generated for overseas IT workers. 

“Using the stolen identities of U.S. citizens is a crime by itself, but when you use those identities to procure employment for foreign nationals with ties to North Korea at hundreds of U.S. companies, you have compromised the national security of an entire nation,” said Chief Guy Ficco of IRS-CI. “For more than 100 years, IRS Criminal Investigation special agents have been following the money, and their financial expertise has once again stopped criminals in their tracks.”  

Axios reports that the Federal prosecutors recently charged five individuals linked to this operation, including Chapman, for playing a role in the elaborate scheme. 

The scheme reveals significant cyber vulnerabilities in current remote hiring processes across the U.S. It’s reported that North Korean nationals used generative AI tools to craft convincing resumes and are becoming more adept as posing as American citizens to secure remote tech jobs.  

The use of AI-related tools is similar to a sophisticated deepfake scheme encountered by British engineering firm Arup. The firm recently fell victim to a sophisticated deepfake scam, resulting in a $25 million loss.   

Law enforcement and government agencies worldwide are increasingly concerned about the malicious applications of deepfake technology, which can convincingly mimic real people’s appearances and voices. 

The advancement of consumer-level tools also makes it increasingly difficult for employers to verify the authenticity of job applicants through traditional identity checks, and this is cause for concern for the global workforce moving towards a digital-first and increasingly automated world. 

It is leading 63% of organizations to embrace zero-trust polices, where network security is always assumed to be at risk, as a cautionary measure to better protect workers and assets.