US warns firms over incognito North Koreans seeking tech jobs

WASHINGTON, May 17 — The US government warned yesterday that North Koreans are hiding their identities to try to get contract jobs in the global technology sector, and said such workers pose major security risks.

The FBI, Treasury Department and State Department issued a joint advisory saying that North Korean information technology workers were posing as nationals of China, South Korea, Japan, Eastern Europe, and the United States to seek jobs.

The North Koreans “target freelance contracts from employers located in wealthier nations, including those in North America, Europe, and East Asia,” they said in the statement.

And at times they do deals with others, not from North Korea, to act as go-betweens who help arrange and complete the contracts for the North Korean workers.

The North Korean managers “use their outsourced employees to make software purchases and interact with customers in situations that might otherwise expose” them, it said.

The ruse helps companies get around the hefty sanctions placed on Pyongyang for its nuclear weapons programme to acquire goods and services from abroad.

The advisory says that while much of the surreptitious job-seeking is to earn foreign exchange or to access virtual currency exchanges, some of the workers have helped Pyongyang’s government-backed hacking operations.

The workers also “may steal the customer account information of US or international banks to verify their identities with freelance platforms, payment providers, and companies employing” contract workers, it said.

Hiring the North Koreans “poses many risks, ranging from theft of intellectual property, data, and funds to reputational harm and legal consequences, including sanctions under both US and United Nations authorities,” it said. — AFP