US tech giant Amazon has said it blocked more than 1,800 individuals linked to North Korea from applying for jobs, as Pyongyang continues to deploy IT
workers overseas to generate and funnel funds for the regime. In a LinkedIn post last week, Amazon’s Chief Security Officer Stephen Schmidt said North Korean operatives have been attempting to secure remote IT roles at companies across the globe, particularly in the United States. He noted that Amazon alone has seen nearly a 30% jump in such applications over the past year. Schmidt explained that many of these workers rely on so-called “laptop farms” — computers physically located in the US but operated remotely from abroad — to mask their true locations. He cautioned that the issue extends beyond Amazon and is likely widespread across the tech industry. According to Schmidt, common red flags include incorrectly formatted phone numbers and questionable academic credentials. The risks posed by such infiltration, he said, are not limited to employment fraud but also include potential financial theft and data security breaches. The concern is not theoretical. In July, a woman in Arizona was sentenced to over eight years in prison for running a laptop farm that helped North Korean IT workers land remote jobs at more than 300 US companies. Authorities said the scheme generated over $17 million for both the operator and the North Korean regime. Security agencies have repeatedly warned about similar tactics. Last year, South Korea’s intelligence service revealed that North Korean operatives had used LinkedIn to impersonate recruiters and target South Koreans working at defence firms to extract sensitive information. “North Korea is systematically training cyber personnel and placing them in strategic locations worldwide,” Hong Min, an analyst at the Korea Institute for National Unification, told AFP. He added that given Amazon’s scale and digital footprint, the motive behind such efforts is primarily economic, with a strong possibility of financial theft. North Korea’s cyber warfare capabilities date back to at least the mid-1990s and have since expanded into a specialised unit of around 6,000 personnel known as Bureau 121, according to a 2020 US military report. The unit is believed to operate from multiple countries. In November, the US government imposed sanctions on eight individuals accused of being state-backed hackers whose illicit activities were allegedly used to finance North Korea’s nuclear weapons programme. The US Treasury Department has claimed that cybercriminals linked to Pyongyang have stolen more than $3 billion over the past three years, largely through cryptocurrency-related crimes.
