A warning has been issued indicating that North Korean IT personnel are disguising their employment in global corporations, not only earning foreign currency but also posing a security threat. While major corporations in the U.S. and Europe have belatedly realized that they have employed North Korean personnel, the seriousness of the issue is reportedly increasing.
According to Axios on the 19th (local time), it has been revealed that a significant number of Fortune Global 500 corporations unintentionally hired North Korean staff. A representative from a cybersecurity company noted, 'I have never seen a corporation that hasn't hired North Korean personnel.' Google confirmed that applicants from North Korea participated in its hiring process, and some corporations acknowledged having employed North Korean personnel for years.
North Korea is reportedly earning foreign currency through high-paying remote jobs while also infiltrating corporations and stealing intellectual property. Michael Van Hart, a senior researcher at the U.S. security firm DTEX Systems, stated, 'North Korean personnel are exponentially expanding their hacking operations using AI,' adding that 'they have already reached a level where they are extracting corporations' intellectual property and directly executing projects.'
In this process, North Korean personnel are reportedly conducting multilayered operations, mobilizing Chinese shell corporations and American accomplices. After passing the hiring process using fake identification documents, fake resumes, and AI-generated profiles, they remotely access laptops provided by companies by collecting them in so-called 'laptop farms' managed by accomplices in the U.S. The Federal Bureau of Investigation (FBI) conducted searches of 21 buildings across the U.S. last month and secured 137 laptops.
During this process, it has been reported that North Korea is closely linked with well-known entities involved in cryptocurrency hacking, such as the Lazarus Group, APT45, which leads corporate infiltration, and 'Center 227,' responsible for AI research.
Experts are concerned that North Korean IT personnel may infiltrate the defense industry and other security sectors beyond simply earning foreign currency. Van Hart noted, 'North Korean personnel are showing interest in drone manufacturing, AI model development, and tasks related to defense contracts,' pointing out that 'this is not just an economic issue but a national security threat.'
While U.S. and European corporations are taking steps to filter out North Korean personnel, the decentralized hiring processes and the often high skill levels of these individuals make identification difficult. A security expert explained, 'Even in the interview process, North Korean personnel deceive hiring managers with proficient English and technical skills,' adding that 'even when discovered, there are cases where they attempt legal action against the corporations or steal data during the firing process.'
Authorities point out that corporations are hesitant to report violations of sanctions due to concerns about penalties. Consequently, law enforcement has focused more on cooperation than prosecution, actively urging corporations to report.
A security industry official stated, 'The activities of North Korean IT personnel are spreading beyond the U.S. to Europe,' warning that 'if countries around the world do not cooperate, corporate infiltration and security threats will only grow.'