North Korean IT workers seeking employment in Western tech companies have developed sophisticated strategies to get hired, according to a former North Korean IT worker, cybersecurity researchers, and documents reviewed by Reuters. These strategies involve the use of fake names, sham LinkedIn profiles, counterfeit work papers, and mock interview scripts. The purpose of this elaborate subterfuge is to enable these workers to earn hard currency for North Korea, which is then used to finance the country’s nuclear missile program.
Over the past four years, North Korea has sent thousands of IT workers overseas, with the goal of bringing in millions of dollars in foreign currency. The United States, South Korea, and the United Nations have all acknowledged this effort by North Korea. It is a vital lifeline of foreign currency for the cash-strapped regime.
The researchers at Palo Alto Networks, a U.S. cybersecurity firm, uncovered a cache of internal documents online that provide insight into the workings of North Korea’s remote IT workforce. These documents included fraudulent resumes, online profiles, interview notes, and forged identities that North Korean workers used to apply for jobs in software development.
Leaked darkweb data also revealed some of the tools and techniques used by North Korean workers to convince firms to employ them in various countries. These countries include Chile, New Zealand, the United States, Uzbekistan, and the United Arab Emirates.
One of the key motivations for North Korean IT workers to seek employment abroad is the significantly higher earning potential. The U.S. Justice Department stated that remote IT workers can earn more than ten times what a conventional North Korean laborer working overseas in manual jobs earns. In 2022, the department estimated that teams of remote workers can collectively earn over $3 million per year.
The methods employed by North Korean IT workers involve creating multiple fake profiles and using false narratives during interviews. For example, they might claim to have traveled to another country to be with family members who are ill. This allows them to request remote work, which is a key part of their subterfuge.
A North Korean IT worker who defected recently confirmed the authenticity of these techniques and stated that they would create multiple fake profiles until they were hired. Once hired, they would create another fake profile to secure a second job.
There is a risk involved for the North Korean government in allowing these workers to be exposed to the outside world. Sokeel Park, from the organization Liberty in North Korea, stated that these privileged workers become aware of the realities of the world and the enforced backwardness of their own country.
It is worth noting that not all North Korean IT workers are involved in espionage activities. While there may be links between hackers and IT workers, the defector explained that hackers are trained separately and are assigned to specific missions.
Overall, the elaborate strategies employed by North Korean IT workers seeking employment abroad highlight the lengths to which they go to earn foreign currency for their country. These strategies involve the use of fake identities, counterfeit documents, and carefully crafted narratives. At the same time, they also expose these workers to new ideas and perspectives that challenge the narrative imposed by their government.
Frequently Asked Questions (FAQ)
Q: Why do North Korean IT workers use fake names and identities?
A: North Korean IT workers use fake names and identities to hide their true identities and affiliations, as it allows them to circumvent sanctions and gain employment abroad more easily. They employ these strategies to earn foreign currency for the country, which is then used to finance North Korea’s nuclear missile program.
Q: How do North Korean IT workers convince Western hiring managers?
A: North Korean IT workers deploy elaborate subterfuge techniques, such as creating fake LinkedIn profiles, forging work papers, and using mock interview scripts. These strategies are designed to convince Western hiring managers of their qualifications and suitability for the job, despite the restrictions and limitations imposed by their government.
Q: What risks do North Korean IT workers face?
A: North Korean IT workers face the risk of exposure to dangerous realities about the world and the enforced backwardness of their own country. The privileged position they hold, working remotely and being exposed to the outside world, poses a potential threat to the North Korean government. These workers may gain access to information and perspectives that challenge the prescribed narrative imposed by their government.
Sources: Reuters, Palo Alto Networks