IT workers making big money for North through crime, freelance work

이준혁 2023. 6. 7. 18:32
자동요약 기사 제목과 주요 문장을 기반으로 자동요약한 결과입니다.
전체 맥락을 이해하기 위해서는 본문 보기를 권장합니다.

"[Section] 702 reporting allowed the State Department and other agencies to notify partners and allies about illicit North Korean cyber activities," the spokesperson said, noting that intelligence gathered through FISA last year "was vital in warning the international community, the private sector and the public about efforts by the DPRK to deploy information technology workers to fraudulently gain employment and generate revenue for its nuclear program."

The spokesperson said that IT workers from the North "take advantage of the demand for specific IT skills to obtain freelance employment contracts from clients around the world, including in North America, Europe and East Asia," and that employing such workers carries the risk of giving them "privileged access gained through these positions to enable malicious cyber operations."

글자크기 설정 파란원을 좌우로 움직이시면 글자크기가 변경 됩니다.

이 글자크기로 변경됩니다.

(예시) 가장 빠른 뉴스가 있고 다양한 정보, 쌍방향 소통이 숨쉬는 다음뉴스를 만나보세요. 다음뉴스는 국내외 주요이슈와 실시간 속보, 문화생활 및 다양한 분야의 뉴스를 입체적으로 전달하고 있습니다.

North Korean IT workers working for Pyongyang collectively made between $600 million and $1 billion in the past year through both cybercrime and foreign employment contracts, according to the U.S. State Department.
Park Hyeon-jun, chief of the National Police Agency's cyber intelligence division, speaks at a briefing on the results of the agency's investigation into the North's e-mail hacking operations at police headquarters on Wednesday. [YONHAP]

North Korean IT workers working for Pyongyang collectively made between $600 million and $1 billion in the past year through both cybercrime and foreign employment contracts, according to the U.S. State Department.

“The DPRK uses stolen funds from its cyber program to advance its unlawful [weapons of massive destruction] and ballistic missile programs,” a department spokesperson told Voice of America on Monday, referring to the North by the acronym for its official name, Democratic People’s Republic of Korea.

“According to the UN Panel of Experts and multiple industry reports, the DPRK stole anywhere from $1 billion to $2.3 billion between 2017 and 2022 and between $600 million and $1 billion in 2022 alone,” the spokesperson added.

The spokesperson said that Washington has informed allies of Pyongyang’s cyber activities through monitoring conducted under section 702 of the Foreign Intelligence Surveillance Act (FISA), which empowers the U.S. government to conduct targeted surveillance of foreign persons located outside the United States.

The act mandates cooperation from electronic communication service providers in the U.S. government’s collection of foreign intelligence information.

“[Section] 702 reporting allowed the State Department and other agencies to notify partners and allies about illicit North Korean cyber activities,” the spokesperson said, noting that intelligence gathered through FISA last year “was vital in warning the international community, the private sector and the public about efforts by the DPRK to deploy information technology workers to fraudulently gain employment and generate revenue for its nuclear program.”

The spokesperson said that IT workers from the North “take advantage of the demand for specific IT skills to obtain freelance employment contracts from clients around the world, including in North America, Europe and East Asia,” and that employing such workers carries the risk of giving them “privileged access gained through these positions to enable malicious cyber operations.”

The U.S. government first issued an advisory in May last year saying the use of freelance IT staff by the North was a way for it to bypass U.S. and UN sanctions and earn foreign exchange for its nuclear weapons and ballistic missile programs.

The advisory added that such workers pretended to be from South Korea, Japan, or other Asian countries.

It also warned companies and potential IT employers about suspicious signs from such freelancers, including a refusal to participate in video calls and requests to receive payments in virtual currency.

Most of the money they earn is confiscated by the North Korean government, the U.S. said.

Companies who hired and paid such workers would be exposing themselves to legal consequences for sanction violations, the U.S. warned.

Trade between the North and China also suggest the regime has stepped up alternative exports to earn foreign currency amid sanctions targeting its agricultural and natural resource exports.

According to Chinese customs data from April, the North exported 30 tons of wigs and artificial eyelashes to Henan Province amounting to $11.22 million — about half of the total $22.68 million worth of hair-related products that North Korea exported to China in the same period.

Henan in particular has risen as an export destination for the North Korean wigs, leapfrogging Liaoning and Jilin provinces, which neighbor the North.

Wig production in Henan outstrips Chinese domestic demand, and the largest share of the province’s wig exports, which total $6.2 billion, are shipped to the United States, raising concerns that U.S. importers could inadvertently purchase North Korean-sourced hairpieces.

While wigs are not sanctioned under United Nations Security Council resolutions against Pyongyang, South Korea and the United States prohibit the import and resale of all North Korean goods and products made using North Korean components without prior authorization.

In 2019, the U.S. Treasury Department fined a California company $1 million after fake eyelashes it imported from two Chinese companies between 2012 and 2017 were found to contain materials sourced from the North.

BY MICHAEL LEE [lee.junhyuk@joongang.co.kr]

Copyright © 코리아중앙데일리. 무단전재 및 재배포 금지.

이 기사에 대해 어떻게 생각하시나요?