South Korean authorities warned businesses against inadvertently hiring IT staff from North Korea who mask their true identities and take advantage of remote opportunities to skirt international sanctions and earn cash, which is used to bankroll the isolated country’s nuclear and missile programs.
“These workers are making millions of dollars annually for the work they do for global IT companies. … And by the day, the money they bring in is making up a bigger part of the dollar operation,” authorities said Thursday in the advisory, referring to North Korea’s foreign remittances from its overseas workers -- a longstanding campaign believed to fund its weapons program.
The rogue North Korean freelancers use fake IDs or borrow accounts online to get jobs involving software and mobile development, and they refuse to take part in video calls to avoid being caught red-handed, according to the advisory -- jointly issued by the Foreign, Unification, Science and Labor ministries as well as the intelligence and police agencies and antitrust watchdog.
Once those rogue freelancers have developed working ties, they directly communicate with companies without agents who provided the accounts, the advisory added, noting most of the IT staff work for government bodies connected to North Korea’s ruling party and military, which face United Nations sanctions.
But how those highly skilled workers landed jobs and whether the companies that hired them suffered any real damage could not be made public, according to a senior Foreign Ministry official who briefed reporters about the latest interagency crackdown. Where the cybercrimes took place most often was neither revealed, because of security protocols.
For Pyongyang, cybercrimes -- from distributing malware to brazen attacks on financial systems -- have been a fact of life for some time. According to a report released Wednesday by Google’s Threat Analysis Group, North Korean hackers had referenced the recent Halloween crowd crush in Seoul to distribute malware, faking a government report on the tragedy that contained a virus.
Tougher international sanctions that kicked in six years ago when North Korea conducted a nuclear test in January that year had forced the regime to exploit the less regulated cyberspace to get what it wants. And Pyongyang is showing no signs of abandoning the practice to keep supporting its nuclear and missile tests, as evidenced by the unprecedented frequency of its missile launches seen this year alone.
Next week, nuclear envoys from South Korea, Japan and the US will hold talks in Jakarta to discuss Pyongyang. The meeting, held to cement the three-way coalition, last took place in September in Tokyo. “Stern measures” designed to discourage North Korea from provocations were discussed then, according a source with direct knowledge of the matter, who declined to elaborate on steps debated.
Revealing them ahead of another North Korean provocation is counterproductive, the source noted, saying responses from now on would be “comprehensive” and “different” from ones previously endorsed.
The shared initiative is bringing closer Seoul and Tokyo -- the two Asian neighbors that have yet to put behind their longtime historical disputes that involve compensating Koreans forced to work for Japanese companies during World War II. This month, their top envoys for the US called for a thaw in ties, saying they need a united front on Pyongyang. Seoul is ready to contribute more to a stronger three-way coalition that includes Washington, according to South Korean Ambassador to the US Cho Tae-yong.
