"It cites information from the US Government that these IT workers can earn more than $300,000 a year, and upwards of 100,000 North Koreans are spread across 40 countries generating approximately $500 million a year for Pyongyang. The threat of North Korean nationals operating as remote IT contractors or full-time technology staff inside unsuspecting companies has come to light over the past several years, yet the report says security experts are only starting to realize the scale and sophistication of the operation."
"The researchers found documents and spreadsheets revealing the roles within the fake IT worker ecosystem, comprising recruiters, facilitators, IT Workers and collaborators/brokers. Recruiters are, like bona fide recruitment staff, responsible for screening potential IT staff and recording interviews. These are sent to facilitators who decide whether to accept or deny them for employment, much like a hiring manager."
"However, it is unclear whether many candidates realize they are being recruited to work for the Norks. Recruiters may tell them the company they are applying to is an "early-stage stealth startup" with no published corporate information, often using the name "C Digital LLC." Candidates are mentored in applying for employment at western-based companies and given a US-based identity to use."
IBM X-Force and Flare Research have documented North Korea's extensive fake IT worker operation that infiltrates companies globally. The scheme involves over 100,000 North Korean nationals working as remote contractors or full-time IT staff across 40 countries, generating approximately $500 million annually for the regime. Individual workers earn over $300,000 yearly. The operation employs a structured ecosystem with recruiters, facilitators, IT workers, and collaborators/brokers. Recruiters screen candidates and conduct interviews, while facilitators act as hiring managers. Candidates are often deceived about their employer, told they're joining early-stage startups like "C Digital LLC," and provided false US-based identities. The scale and sophistication of this operation have only recently become apparent to security experts.
#north-korea-cyber-operations #fake-it-worker-schemes #corporate-infiltration #cybersecurity-threats #identity-fraud
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]