Amazon alerts on North Korean IT breach, halts 1,800+ applicants
Amazon, the US tech giant, has prevented over 1,800 North Koreans from joining its workforce, citing their attempts to secure remote IT positions. North Korea is recognized for dispatching IT workers overseas to generate income and covertly transfer funds back to the nation. Amazon stated that the efforts are indicative of a broader global issue and are not confined to a single company. In a LinkedIn post last week, Amazon’s Chief Security Officer Stephen Schmidt stated that North Korean workers had been “attempting to secure remote IT jobs with companies worldwide, particularly in the US.” He stated that the company had experienced nearly a one-third increase in such applications over the past year.
Schmidt states that numerous workers utilize “laptop farms” — computers situated in the United States yet operated remotely from abroad. Schmidt cautioned that the problem is not unique to Amazon and “is likely happening at scale across the industry.” He noted that some common red flags included incorrectly formatted phone numbers and questionable academic qualifications. In July, a woman in Arizona received a sentence of more than eight years in prison for operating a laptop farm that assisted North Korean IT workers in securing remote positions at over 300 US companies. Officials stated that the operation generated over $17 million for her and for North Korea.
Last year, South Korea’s intelligence agency issued a warning that North Korean operatives had exploited LinkedIn to impersonate recruiters. Reports indicate that they focused on South Koreans employed at defense companies to acquire sensitive technological information. “North Korea is actively training cyber personnel and infiltrating key locations worldwide,” stated Hong Min in an interview. “Given Amazon’s business nature, the motive seems largely economic, with a high likelihood that the operation was planned to steal financial assets,” he added.
North Korea’s cyber warfare efforts have origins that trace back to at least the mid-1990s. According to a 2020 US military report, the programme has grown over the years into a cyber unit comprising approximately 6,000 members, referred to as Bureau 121. In November, Washington imposed sanctions on eight individuals accused of being “state-sponsored hackers.” US officials stated that their unlawful actions were executed “to fund the regime’s nuclear weapons programme.” The US Treasury Department has leveled accusations against hackers linked to North Korea, claiming they have stolen over $3 billion in the last three years, primarily through crimes associated with cryptocurrency.
