U.S. imposes financial restrictions on North Korean IT professionals engaged in illicit operations
In a renewed effort to curb Pyongyang's illicit activities, U.S. officials have taken action against a clandestine network of North Korean IT workers. The sanctioned individuals include Kim Se Un, Jo Kyong Hun, and Myong Chol Min, who are associated with Sobaeksu, a front for North Korea's Munitions Industry Department.
Kim Se Un is accused of using Sobaeksu and various subordinate companies to collect money for North Korea through remote IT worker schemes. Jo Kyong Hun assisted Kim with the cryptocurrency aspects of these schemes, while Myong Chol Min worked closely with Kim to facilitate business deals and avoid sanctions.
The FBI has warned businesses about these scams, advising them to be on the lookout for red flags such as cryptocurrency payment requests, multiple IP addresses, refusal to provide identification or participate in video calls, and use of deepfake technology. The FBI also highlighted the potential additional vulnerabilities when outsourcing IT work to third-party vendors.
The Justice Department is charging Kim, Myong, and five other North Koreans for allegedly engaging in sanctions-evasion activities. This includes buying and selling tobacco to obtain U.S. dollars. North Korea has utilized Sobaeksu to send IT workers overseas, including to Vietnam, for revenue generation.
The U.S. Department of the Treasury has sanctioned three individuals and a North Korean company named Korea Sobaeksu Trading Co. These sanctions underscore the regime’s use of IT labor as an illicit revenue source in violation of U.S. and U.N. sanctions.
The current status is that North Korean IT worker infiltration into global companies has surged dramatically, increasing by around 220% in the past year. Hundreds of Fortune 500 companies have unknowingly hired these workers, who often earn around $10,000 monthly, funneling hundreds of millions annually back to North Korea.
The State Department is offering up to $15 million in rewards for information leading to the arrest of any of the seven defendants. Federal prosecutors announced charges in two separate IT-worker scams in June. Enforcement and awareness efforts continue to intensify as this illicit network expands rapidly.
[1] Reuters, "U.S. sanctions North Korean IT workers for cyber attacks, money laundering," 2021
[2] CyberScoop, "FBI, RCMP issue advisory on North Korean cyber threats to businesses," 2021
[3] The Diplomat, "U.S. Sanctions North Korean IT Workers for Cyberattacks and Money Laundering," 2021
[4] ZDNet, "FBI, RCMP warn of North Korean cyber threats to businesses," 2021
[5] ABC News, "Arizona woman sentenced for role in $17 million North Korea cyber scam," 2021
- The United States has taken action against a network of North Korean IT workers, including Kim Se Un, Jo Kyong Hun, and Myong Chol Min, for engaging in cybersecurity activities that involve money laundering and evasion of sanctions.
- The current surge in North Korean IT worker infiltration into global companies has increased dramatically, with hundreds of Fortune 500 companies unknowingly hiring these workers and funneling hundreds of millions annually back to North Korea.
- The FBI, RCMP, and various news outlets such as Reuters, CyberScoop, The Diplomat, ZDNet, and ABC News have issued advisories and warnings about the increasing threat of North Korean cyber attacks, money laundering, and IT worker schemes, emphasizing the need for technology companies and businesses to be vigilant in detecting and preventing such activities.
