US sanctions target North Korean fake tech worker scheme

WASHINGTON - The US slapped sanctions on individuals and companies linked to a scheme that involves recruiting North Koreans to pose as American tech workers and help fund North Korean leader Kim Jong Un’s regime.

The Treasury Department’s Office of Foreign Assets Control imposed penalties on a “malicious cyber actor” named Song Kum Hyok, who is accused of having ties with a hacking group linked to Pyongyang, as well as another individual and four companies based in Russia and North Korea.

Song allegedly facilitated an IT worker scheme where North Koreans and others working from China and Russia are given false American identities – often using information stolen from US citizens – to gain remote employment with US companies and generate revenues for North Korea.

The workers use “a variety of mainstream and industry-specific freelance contracting, payment, and social media and networking platforms,” the Treasury Department said in a statement. It also said that in some cases, the IT workers introduced malware into company networks.

Thousands of North Korean workers have been posing as nationals from other countries to infiltrate companies in the US and around the world, according to the US government.

In June, the Justice Department announced one arrest and charges against nine people connected to the scheme.

In a separate announcement, the State Department said it was offering a reward of up to US$5 million (S$6.4 million) for information that would disrupt the financial means of people engaged in activities that support North Korea. It also offered US$10 million for identifying and locating people involved in cyberattacks against critical US infrastructure. BLOOMBERG