The Biden administration is warning that information technology workers skilled in developing dating apps and mobile games may actually be North Koreans infiltrating the tech sector to benefit their country’s weapons and missile programs.
The FBI, State Department, and Treasury Department issued a joint advisory statement this week saying North Korea has dispatched thousands of high-skilled workers to North America, Europe, and East Asia to earn money for the regime’s weapons and missile programs. The insiders also “have used the privileged access gained as contractors to enable [North Korea’s] malicious cyber intrusions.”
“In many cases, [North Korean] IT workers represent themselves as U.S.-based and/or non-North Korean teleworkers,” the advisory said. “The workers may further obfuscate their identities and/or location by subcontracting work to non-North Koreans.”
The tech workers come from North Korean entities responsible for the research and development of nuclear and conventional weapons, including the 313 General Bureau of the Munitions Industry Department (MID) and the Ministry of Atomic Energy Industry; as well as government offices focused on trade, technology, science and education.
The stealth tech workers have targeted the development of dating apps, online gambling programs, mobile and web apps, mobile games, general IT support, artificial intelligence apps, virtual reality and augmented reality programming, facial recognition tech and hardware development, among other things, according to the advisory.
North Korean IT workers “can individually earn more than $300,000 a year in some cases, and teams of IT workers can collectively earn more than $3 million annually,” the advisory said. “A significant percentage of their gross earnings supports [North Korean leader Kim Jong Un’s] priorities,” including obtaining weapons of mass destruction.
The workers often present themselves as Chinese, Eastern European, Japanese, South Korean and U.S.-based teleworkers. They are located primarily in China and Russia, with a smaller contingent in Africa and Southeast Asia.
As an example of how North Koreans have concealed their work, the advisory cited Yanbian Silverstar Network Technology Co., which was purportedly a Chinese IT company but was really managed and controlled by North Koreans, The company, sanctioned by the U.S. in 2018, also created a Russia-based front company known as Volasys Silver Star.
The Biden administration said “red flag” indicators of suspect workers include inconsistencies in the spelling of their names, nationality, work location, contact information, educational and work history, and other details in their social media profiles and the developers’ freelance platform and portfolio websites.
The U.S. government warned that potential legal consequences for supporting the workers include violations of U.S. sanctions.
“All [North Korean] IT workers earn money to support North Korean leader Kim Jong Un’s regime,” the advisory said. “The vast majority of them are subordinate to and working on behalf of entities directly involved in [Pyongyang’s] U.N.-prohibited WMD and ballistic missile programs, as well as its advanced conventional weapons development and trade sectors.”