Amazon recently made headlines by blocking over 1,800 job applications from suspected North Korean agents. According to Stephen Schmidt, Amazon’s chief security officer, these applicants attempted to secure remote IT positions using fake or stolen identities.
The goal? To get hired, earn money, and send it back to fund North Korea’s weapons programs. Schmidt noted this isn’t just an Amazon issue—it’s happening across the US tech sector.
Interestingly, North Korean applications have surged by nearly one-third in the past year. Schmidt mentioned that these operatives often work with “laptop farms,” which are essentially computers operated from outside the US but controlled remotely.
To combat this, Amazon employs a mix of artificial intelligence and human verification. However, Schmidt warns that the tactics used by these fraudsters have grown more sophisticated. They often hijack dormant LinkedIn accounts using stolen credentials, targeting real software engineers to lend credibility. He advises companies to be vigilant and report any suspicious applications.
Indicators of potential fraud include poorly formatted phone numbers and inconsistent educational histories. Just this past June, the US government identified 29 illegal laptop farms run by North Korean IT workers. They used forged American identities to secure jobs in the US, according to the Department of Justice (DOJ).
This issue isn’t isolated. In July, an Arizona woman was sentenced to over eight years in prison for her role in helping these North Korean operatives find work at more than 300 US companies, generating over $17 million in illegal profits.
The trend highlights a growing concern about cybersecurity and global employment practices. As technology advances, so do the tactics of malicious actors. Companies must stay alert and invest in robust security measures to protect their operations and the broader economy.
For more details on cybersecurity measures, you can check the Department of Justice’s findings here.
