OFAC Publishes Advisory About North Korea Information Technology Workers
The departments of State and the Treasury, along with the FBI, issued a May 16 advisory regarding possible attempts by North Korean IT workers to obtain employment while posing as non-North Korean nationals, according to a notice from the Office of Foreign Assets Control.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
North Korea sends "thousands of highly-skilled IT workers" around the world to generate revenue via remittances back to its government to support its weapons of mass destruction and ballistic missile programs, the notice says. The workers generally target freelance contracts from wealthier nations and present themselves as Chinese, Japanese or South Korean, via telework opportunities. Some have been known to further obfuscate their identities by working through third-party subcontractors. Although the advisory notes that the primary purpose of the workers has been to finance remittance payments to North Korea, some have engaged in malicious IT work, including sharing access to critical infrastructure or aiding in the sale of stolen data.
The advisory lays out potential red flags for freelance IT work and payment platforms, and warns companies employing freelance IT workers what to look out for along with potential mitigation strategies. The advisory states that OFAC can potentially sanction individuals and companies for operating on behalf of North Korea in cybersecurity or IT. A guidance fact sheet also was published.