Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.
Kim Jong Un in Russia via Getty Images
Photo by Contributor/Getty Images

Don’t panic, but the remote IT person at your company might be working for North Korea

Next time your Outlook crashes, North Korea might answer the call.

Remote work might be the way of the future but according to the U.S. Department of Justice, that remote IT person at your company could be a North Korean national, and the money you pay him or her might go straight back to their home country, the Democratic People’s Republic of Korea, or DPRK.

Recommended Videos

According to the DOJ, two North Korean nationals, two U.S. Nationals, and one man from Mexico were indicted on Jan. 23 on charges they ran a multiyear “laptop farm” in the United States, through which North Korea‘s Jin Sung-Il and Pak Jin-Song obtained remote IT work with at least 64 U.S. companies, generating nearly $900,000 in revenue for the DPRK while evading sanctions. Erick Ntekereze Prince and Emanuel Ashtor, both from the U.S., and Pedro Ernesto Alonso De Los Reyes, from Mexico, were also indicted for their role in facilitating the scam.

American laptops, DPRK workers

https://twitter.com/FBI/status/1882790551075872963
via FBI/X

According to the DOJ, the five men indicted scammed American companies between 2018 and 2024. The companies provided the laptops, thinking they’d hired American workers, but in fact, the laptops resided in so-called “laptop farms,” in this case, in North Carolina. The DPRK knowingly sends workers to other countries, most often Russia or China, who then get hired as freelance IT workers and remotely access those laptops. A Chinese bank then launders the money they’re paid, directly funding the DPR and the Kim Jong Un regime, including the DPRK’s weapons of mass destruction programs.

The DOJ says fraudulent DPRK IT employees have earned up to $300,000 a year, and various “laptop farm” schemes have generated hundreds of millions for North Korea. The hiring companies all provided fake email addresses, social media accounts, online job site accounts, and more. The IT workers in this case used stolen or assumed U.S. identities to secure the work.

“The indictments announced today should highlight to all American companies the risk posed by the North Korean government,” the FBI’s Cyber Division’s Assistant Director Bryan Vorndran said, referring to the most recent case, adding, “As always, the FBI is available to assist victims of the DPRK. Please reach out to your local FBI field office should you have any questions or concerns.”

Post-COVID, the problem got worse

https://twitter.com/FBI/status/1872386969268883535

According to John Hultquist, head of threat intelligence at the cybersecurity firm Mandiant, the shift to remote work around the world and gig economy jobs in general have left U.S. companies particularly vulnerable to such scams. FBI special agent Jay Greenberg told the AP if your company has hired a remote IT professional, then at some point, it has “more than likely” hired a North Korean national working under an assumed identity.

“At a minimum, the FBI recommends that employers take additional proactive steps with remote IT workers to make it harder for bad actors to hide their identities,” Greenberg said. Cybersecurity expert Hultquist added, “I think the post-COVID world has created a lot more opportunity for them because freelancing and remote hiring are a far more natural part of the business than they were in the past.”


We Got This Covered is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission. Learn more about our Affiliate Policy
Author
Image of William Kennedy
William Kennedy
William Kennedy is a full-time freelance content writer and journalist in Eugene, OR. William covered true crime, among other topics for Grunge.com. He also writes about live music for the Eugene Weekly, where his beat also includes arts and culture, food, and current events. He lives with his wife, daughter, and two cats who all politely accommodate his obsession with Doctor Who and The New Yorker.