Don’t hire North Korean IT workers, FBI warns

Missiles pointed at sunset sky

The Federal Bureau of Investigation (FBI), the US Department of State, and the US Department of the Treasury have issued an advisory warning organisations against unknowingly hiring North Korean IT workers.

North Korean nationals have been known to apply for several freelance and remote working tech positions in US-based companies, with the roles often requiring expertise in app development, graphic animation, artificial intelligence (AI), AR/VR, biometrics, cryptocurrency, and general IT support.

When hired, the remuneration paid to the IT workers, who in some cases earn even $300,000 (£240,687) per year, is one of the main sources of revenue for the Democratic People's Republic of Korea’s (DPRK) nuclear weapons and ballistic missiles programme.

Assistance in funding DPRK’s military operations is against US federal law, the FBI warned on Monday, with those helping the country evade sanctions – even unknowingly – likely to face up to five years in prison as well as a fine of up to $250,000 (£200,810).


Save time, money and protect your mid-market business with strategic workforce solutions

Effectively handle your technology needs with superior capabilities to secure, manage, and support business PCs


To avoid potentially hiring North Korean nationals for tech roles, organisations have been urged to look out for inconsistencies in name spelling and personal information such as contact information or work location, as well as education history or biography. North Korean IT workers can be based in China, Russia, Southeast Asia, or even Africa to avoid suspicion, and often pose as nationals of other Asian countries. They are also likely to request payment in virtual currency in an attempt to avoid being identified by formal financial systems or use a freelance work platform as an intermediary.

To ensure that programmers and developers hired through freelance work platforms are who they claim to be, employers should verify candidates’ identities over a video call, as well as conduct thorough background checks. As documents including driver’s licences and university diplomas can be easily forged, organisations have been urged to directly contact the candidate’s educational institution or former employer, and avoid using reference contact information provided by the candidate.

The advisory comes weeks after programmer and blockchain expert Virgil Griffith, a US citizen based in Singapore, was sentenced to 63 months in prison and fined $100,000 (£77,000) for helping North Korea launder money and evade sanctions. Having illegally travelled to Pyongyang in April 2019, Griffith provided instructions on how North Korea could use blockchain technology such as smart contracts to negotiate nuclear weapons with the US.

Sabina Weston

Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.

Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.