Remote espionage: North Korea's covert operation in the heart of Silicon Valley

Former CIA agents told how North Korea found sources of income in the West.

The American technology company Cinder faced an unusual problem: its database of job candidates included North Korean engineers believed to be working in the interests of the DPRK government.

Cases like this are becoming more common among U.S. companies that hire employees to work remotely. North Korean engineers based, for example, in China are trying to get remote positions at American companies under false names in order to earn money for the DPRK.

Cinder notes that North Korea has long sent its citizens abroad to earn funds, which then go to the state treasury. Such workers are required to meet wage quotas, a large part of which is at the disposal of the government. To prevent escapes, the families of employees remain in North Korea as "hostages".

The situation has escalated since the COVID-19 pandemic, with a surge in remote job openings, especially in the tech industry. Many engineers from the DPRK are attracted by high salaries in the United States, which can be several times higher than their monthly quotas. Former North Korean businessman Hyun-Seung Lee said that the quota for an IT worker from the DPRK working in China is about $6,000 per month, and many companies in the United States can easily cover this amount.

Cinder, whose founders are former CIA officers, was able to quickly recognize and neutralize the threat. Cinder executives have previously worked on cybersecurity and human rights issues in North Korea, which helped them quickly identify suspicious candidates.

One of the founders of Cinder noted that working for the CIA helped the company recognize the working methods of North Korean specialists. Candidates suspected of working for the DPRK often had no online presence outside of corporate networks, used newly created profiles and altered (or AI-generated) photos, and were poorly versed in the technologies and locations listed on their resumes. In addition, such candidates showed a strong reluctance to travel and stuck to pre-prepared answers to questions.

Cinder began to screen candidates more thoroughly, using additional techniques to analyze their work history, social media profiles, and interview behavior. Despite this, suspicious candidates sometimes still reached the interview stage, where their deception was revealed in conversation. In one such case, the candidate, having learned that Cinder's clients were investigating state espionage, instantly ended the Zoom call and did not get in touch again.

Currently, Cinder continues to receive applications from North Korean engineers and actively shares information with partners in the security and recruiting industries. Companies recommend carefully vetting candidates, especially those who insist on working fully remotely, to avoid unwanted collaborations.

Recall that in early August, 38-year-old Matthew Isaac Knoot was arrested in the United States on charges of helping North Korean IT specialists get remote work in American companies. The arrested man enabled specialists from North Korea to pose as US citizens using fake data. Knoot set up a so-called "laptop farm": he received computers sent in the name of a fictitious citizen, installed remote access software on the laptops, and allowed North Korean hackers to operate from China, creating the illusion of a presence in the United States.
