North Korea IT workers using fake identities to land jobs

USING fake names, sham LinkedIn profiles, counterfeit work papers and mock interview scripts, North Korean IT workers seeking employment in Western tech companies are deploying sophisticated subterfuge to get hired.

Landing a job outside North Korea to secretly earn hard currency for the isolated country demands highly developed strategies to convince Western hiring managers, according to documents reviewed by Reuters, an interview with a former North Korean IT worker and cybersecurity researchers.

North Korea has despatched thousands of IT workers overseas, an effort that has accelerated in the last four years, to bring in millions to finance Pyongyang’s nuclear missile programme, according to the United States, South Korea, and the United Nations.

“People are free to express ideas and opinions,” reads one interview script used by North Korean software developers that offers suggestions for how to describe a “good corporate culture” when asked. Expressing one’s thoughts freely could be met with imprisonment in North Korea.

The scripts totalling 30 pages, were unearthed by researchers at Palo Alto Networks, a US cybersecurity firm which discovered a cache of internal documents online that detail the workings of North Korea’s remote IT workforce.

The documents contain dozens of fraudulent resumes, online profiles, interview notes and forged identities that North Korean workers used to apply for jobs in software development.

Reuters found further evidence in leaked darkweb data that revealed some of the tools and techniques used by North Korean workers to convince firms to employ them in jobs as far afield as Chile, New Zealand, the US, Uzbekistan and the United Arab Emirates.

The documents and data reveal the intense effort and subterfuge undertaken by North Korean authorities to ensure the success of a scheme that has become a vital lifeline of foreign currency for the cash-strapped regime.

Remote IT workers can earn more than 10 times what a North Korean labourer working overseas in construction or other manual jobs earns, the US Justice Department (DOJ) said in 2022, and teams of them can earn more than US$3 million a year.

Some of the scripts, designed to prepare the workers for interview questions, contain excuses for the need to work remotely.

“Richard”, a senior embedded software developer, said “I (flew) to Singapore several weeks ago. My parents got Covid and I (decided) to be with family members for a while.

“Now, I am planning to go back to Los Angeles in three months. I am thinking that I could start work remotely right now, then I will be on board when I go back to LA.”

A North Korean IT worker who recently defected also examined the documents and confirmed their authenticity to Reuters: “We would create 20 to 50 fake profiles a year until we were hired,” he said.

“Once I was hired, I would create another fake profile to get a second job,” said the worker, who spoke on condition of anonymity, citing security concerns.

In October, the DOJ and Federal Bureau of Investigation seized 17 website domains it said were used by North Korean IT workers to defraud businesses and US$1.5 million in funds.

North Korean developers working at US companies had hidden behind pseudonymous email and social media accounts and generated millions of dollars a year on behalf of sanctioned North Korean entities through the scheme, the DOJ said.

“There is a risk to the North Korea government, as these privileged workers are exposed to dangerous realities about the world and their country’s enforced backwardness,” said Sokeel Park of Liberty in North Korea, an organisation that works with defectors.

Last year, the US government said North Korean IT workers were mainly located in China and Russia, with some in Africa and Southeast Asia, and can each earn up to US$300,000 annually.

According to his experience, the former IT worker said all are expected to earn at least US$100,000, of which 30-40 per cent is repatriated to Pyongyang, 30-60 per cent spent on overhead expenses, and 10-30 per cent pocketed by workers.

He estimated there were around 3,000 others like him overseas, and another 1,000 based within North Korea.

“It differs between people but, basically, once you get a remote job you can work for as little as six months, or as long as three to four years.

“When you can’t find a job, you freelance.”

The writer is from Reuters

The views expressed in this article are the author’s own and do not necessarily reflect those of the New Straits Times

© New Straits Times Press (M) Bhd

Source link