Gov't warns firms in South about North Korean techies

North Korea

Published: 08 Dec. 2022, 18:39 Updated: 08 Dec. 2022, 20:07

Gov't warns firms in South about North Korean techies

[SHUTTERSTOCK]

Beware of hiring tech-savvy North Koreans pretending to be what they are not, the Foreign Ministry warned companies in South Korea on Thursday.

“DPRK IT [information technology] workers are located all around the world, obfuscating their nationality and identities,” reads an advisory issued jointly by several government bodies in Seoul including the Foreign Ministry and the National Intelligence Service.

They were referring to North Korea by the acronym for its full name, the Democratic People’s Republic of Korea.

“They earn hundreds of millions of dollars a year by engaging in a wide range of IT development work, including [on] websites and [mobile] applications... and cryptocurrency development, after obtaining freelance employment contracts from companies around the world,” reads the advisory.

According to the South Korean government, thousands of North Korean IT experts were dispatched to countries in Asia and Africa, who would find work in programming as freelancers and earn money to remit to North Korea, which can be used for its weapons programs.

Many of these North Koreans were working for the North Korean Defense Ministry, according to the advisory.

While a UN sanctions resolution adopted in December 2017 states that all member nations should deport all North Korean workers living and working in their countries by December 2019, some of these workers have avoided deportation by switching to different visas, said the advisory.

They could be applying for jobs in Seoul.

“We have determined, through experiments, that it could be possible for North Korean nationals to successfully win contracts from South Korean companies, by applying for work with fake identification documents,” said Lee Jun-il, director general of the North Korean Nuclear Affairs Bureau of Foreign Ministry, in speaking with the press in Seoul on Thursday.

Lee Jun-il, director general of the North Korean Nuclear Affairs Bureau of Foreign Ministry, speaks with the press at the ministry headquarters in Seoul on Thursday. [NEWS1]

The ministry could not cite for the press any examples of North Korean IT experts having been hired by companies in the South.

Any company that knowingly hires a North Korean without Unification Ministry’s approval can be fined up to 30 million won or its executive sentenced to three years in prison. In the case a company hired a North Korean without realizing he or she was a North Korean national, there are no legal consequences, according to the National Police Agency.

The ministry said there are a few factors companies should look out for in hiring programmers and tech developers to avoid hiring an undercover North Korean.

“We recommend [companies] pay special attention in such cases... [where] developers are logged into their accounts continuously for a whole day... [and when you see] developer accounts whose cumulative working hours exceed several thousand hours,” it said in the advisory.

If in-person interviews are not possible, at least do video interviews, it advised.

“DPRK IT workers favor online text-based chat instead of video interviews,” said the advisory. “We highly recommend [IT companies] to tighten measures to verify identities of programmers, such as adding one more authentication step using video call for newly created accounts and requiring client companies to conduct a video interview before signing contracts with freelance programmers.”

The U.S. government issued a similar advisory against hiring North Korean IT workers in May.

Officials in Seoul and Washington have repeatedly announced in recent weeks they were mulling sanctions on North Korean cyber activities.

North Korea has attempted to steal as much as $2 billion through illicit cyber activities as of 2019 to try to fund its weapons programs, according to the State Department.

BY ESTHER CHUNG [chung.juhee@joongang.co.kr]