The Growing Harms of North Korea’s Cyber Troopers

 

The Growing Harms of North Korea’s Cyber Troopers

What Happened: With North Korea under strict sanctions due to its nuclear and missile programs, the regime is always looking for new ways to earn foreign currency. One growing program involves employing North Koreans as contract IT workers – which has the advantage of both earning millions for the Kim Jong Un regime and giving North Koreans access to sensitive data and even critical infrastructure, all under the guise of legitimate IT professionals.
 

Based on open source information from intelligence agencies, as well as industry sources, Glenn Chafetz, the director of 2430 Group, unravels the mystery of North Korea’s IT workers in an article for The Diplomat. Somewhere between 8,000-12,000 North Koreans are believed to be working as IT professionals, often using false identities and sometimes even pretending to be based in the U.S. “Today, North Korean IT workers learn in-demand coding languages, including knowledge of leading-edge AI and ML products, to secure employment at prominent companies using the most advanced technologies,” Chafetz describes. They use a sophisticated mix of digital and physical tactics to obscure who they are, from IP spoofing to having real U.S. residents receive mail on their behalf.

What Comes Next: Hiring a North Korean not only poses cybersecurity risks, but opens up a company to the risk of violating U.S. and U.N. sanctions. But most U.S. companies aren’t equipped to check if the remote IT worker they just hired might be a North Korean – or even aware this is a possibility. “Pyongyang has exploited a unique moment in the evolution of IT services’ business model to attack a target ill-suited to defend itself,” Chafetz concludes. “Few private companies are even aware of the threat, let alone constituted to address it effectively.”