According to officials from the FBI and the Department of Justice, a significant number of information technology professionals employed by U.S. companies have been covertly channeling millions of dollars from their earnings to North Korea to support its ballistic missile program. This revelation emerged after the Justice Department disclosed on Wednesday that North Korean IT workers, operating under false identities, had been engaged as remote contractors for businesses in St. Louis and other locations across the United States. The money they earned was funneled into North Korea’s weapons program, as stated during an FBI press conference in St. Louis.
Legal documents indicate that North Korea’s government deployed numerous skilled IT professionals, primarily residing in China and Russia, to deceive U.S. and international businesses into hiring them as freelance remote workers. To create the illusion of working within the U.S., these individuals employed various tactics, such as compensating Americans for the use of their home Wi-Fi connections, according to Jay Greenberg, the special agent in charge of the St. Louis FBI office.
Greenberg mentioned that it is highly likely that any company employing freelance IT workers inadvertently participated in this scheme. An FBI spokesperson confirmed that North Koreans were contracted by companies both in the U.S. and in other countries, with thousands of North Korean IT workers involved.
As part of the ongoing investigation, federal authorities revealed the seizure of $1.5 million and the confiscation of 17 domain names. The prevalence of this scheme prompted FBI officials to advise companies to exercise greater caution when verifying the identities of remote IT workers, even suggesting the implementation of video interviews as a minimum requirement.
These IT workers managed to amass millions of dollars annually to support North Korea’s weapons programs. In certain cases, they infiltrated corporate networks and pilfered sensitive data from their employers. Furthermore, they maintained access to facilitate future hacking and extortion activities, according to the Justice Department.
Officials did not disclose the identities of the companies unknowingly employing North Korean workers, the commencement date of this practice, or the means by which investigators discovered it. Nevertheless, federal authorities have been aware of this operation for an extended period.
In May 2022, the State Department, Department of the Treasury, and the FBI issued an advisory warning of attempts by North Koreans “to obtain employment while posing as non-North Korean nationals.” The advisory noted that in recent years, the regime of Kim Jong Un “has placed increased focus on education and training” in IT-related subjects.