Axios Obtains Report on North Korean IT Operations
Attempts to Secure High-Paying Jobs
Funds Used for North Korea's Missile Program
A report has revealed that North Korea established shell companies in China to deceive Western businesses and covertly place its information technology (IT) workers in jobs.
According to Axios on May 13 (local time), Strider Technologies, a cyber intelligence platform that collaborates with eight of the Fortune 10 companies, stated in a newly released report that it had identified 35 China-based companies linked to North Korea’s IT workforce operations.
These companies are believed to be associated with Liaoning China Trade Industry Co., which is subject to U.S. sanctions. The company was previously sanctioned for exporting IT equipment to North Korean government agencies. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced on January 16 that it had added Liaoning China Trade to its sanctions list for supplying laptops and other equipment to the 53rd Bureau of the North Korean Ministry of People’s Armed Forces for use by North Korean IT workers.
Strider identified three of the 35 companies as key organizations directly involved in financial flows related to North Korean IT activities. These include Dandong Deyun Trading, registered as a textile and electronics wholesaler; Guangzhou Aiixi Trading, a cosmetics and clothing wholesaler; and Yongping Zhuoren Mining, registered as a minerals and construction materials wholesaler.
For years, North Korean IT professionals have sought high-paying jobs at U.S. companies. The foreign currency earned through these positions is reportedly funneled into North Korea’s missile program. Most Fortune 500 companies are grappling with attempts by North Korean IT workers to gain employment at their firms. However, due to concerns about legal sanctions and reputational damage, most companies do not publicly address the issue. Google also recently disclosed at the RSA Conference that North Korean IT workers had applied for positions at the company. Security firms SentinelOne and KnowBe4 have admitted to having actually hired such individuals in the past.
Recently, according to Strider CEO Greg Levesque, the strategy has shifted beyond simply earning money to collecting sensitive information, such as internal corporate data and intellectual property.
Levesque stated, "What we are all coming to realize is that the scale and scope of this industry?North Korea’s covert IT employment?are much larger than people initially understood."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
