Amazon has blocked over 1,800 North Koreans from joining the company, amid concerns that Pyongyang is sending large numbers of IT workers overseas to earn and launder funds. According to Amazon’s Chief Security Officer, Stephen Schmidt, North Korean workers have been attempting to secure remote IT jobs with companies worldwide, particularly in the US. The company has seen a nearly one-third rise in applications by North Koreans in the past year.
Schmidt explained that the North Koreans typically use “laptop farms” – a computer in the US operated remotely from outside the country. He warned that the problem is not specific to Amazon and is likely happening at scale across the industry. Tell-tale signs of North Korean workers include wrongly formatted phone numbers and dodgy academic credentials.
The issue is part of a larger pattern of North Korean cyber activities. In July, a woman in Arizona was sentenced to over eight years in prison for running a laptop farm that helped North Korean IT workers secure remote jobs at over 300 US companies, generating over $17 million in revenue. Seoul’s intelligence agency has also warned that North Korean operatives have used LinkedIn to pose as recruiters and approach South Koreans working at defense firms to obtain information on their technologies.
Analysts believe that North Korea’s cyber-warfare program, which dates back to the mid-1990s, is aimed at stealing financial assets. The program has grown into a 6,000-strong cyber unit known as Bureau 121, which operates from several countries. The US has announced sanctions on eight individuals accused of being “state-sponsored hackers” whose illicit operations were conducted to fund the regime’s nuclear weapons program by stealing and laundering money.
The US Department of the Treasury has accused North Korea-affiliated cybercriminals of stealing over $3 billion over the past three years, primarily in cryptocurrency. The blocking of North Korean applicants by Amazon highlights the need for companies to be vigilant in their hiring processes and to implement robust security measures to prevent cyber threats. As the threat of cyber attacks continues to evolve, it is essential for companies to stay informed and take proactive steps to protect themselves and their assets.
