South, U.S. warn companies about hiring North's IT workers

Seoul and Washington issued a joint statement on Thursday warning against hiring North Korean IT workers, whose income generates revenue for the regime’s nuclear and missile programs...

Miniatures of people with computers are seen in front of a North Korea flag in this illustration made on July 19. [REUTERS/YONHAP]

Seoul and Washington issued a joint statement on Thursday warning against hiring North Korean IT workers, whose income generates revenue for the regime’s nuclear and missile programs.

“This update identifies new tradecraft used by DPRK IT workers since the release of the 2022 advisories, including new indicators of potential DPRK IT worker activity and additional due diligence measures the international community, private sector, and public can take to prevent the hiring of DPRK IT workers,” reads the joint statement, referring to North Korea by the acronym of its full name, the Democratic People’s Republic of Korea.

North Korea deploys thousands of highly skilled IT workers around the world to generate revenue that supports its weapons programs in violation of the U.S. and UN sanctions, according to the U.S. State Department.

These IT developers, including programmers or graphic designers, could be hired as freelancers to work on mobile or web-based applications, cryptocurrency exchange platforms or digital coins, graphic animation, online gambling programs, mobile games, AI-related applications and virtual reality programs.

The latest guidance highlighted some of the red flag indicators that the company may have hired a North Korean IT worker, including the unwillingness of the worker to appear on camera, conduct video interviews or meetings or meet in person, as well as repeated requests for prepayment.

The guidance also included advice on conducting due diligence checks on all IT freelancers to prevent unwittingly hiring a North Korean IT worker.

Anyone based in South Korea who suspects they may have hired a North Korean IT worker should report to the National Intelligence Service or the National Police Agency. Anyone in the United States should report to the FBI Internet Crime Complaint Center, said the joint statement.

The latest statement followed a series of meetings between the top nuclear envoys of Seoul, Washington and Tokyo in Indonesia earlier this week.

A graphic showing how a North Korean IT worker works under a pseudo-identity provided by the U.S. State Department in its advisory released in May 2022. [SCREEN CAPTURE]

In their meetings on Monday and Tuesday, South Korean nuclear envoy Kim Gunn, U.S. nuclear envoy Sung Kim and Japanese nuclear envoy Hiroyuki Namazu voiced concerns about strengthened military cooperation between North Korea and Russia and vowed to respond strongly to any provocations from the North, including the launch of a spy satellite into space.

The North, after several botched attempts, said it would try to launch the satellite again within October.

The meetings, held for the first time since Namazu was appointed, were previously held in July in Japan.

BY ESTHER CHUNG [chung.juhee@joongang.co.kr]