USA, Japan and South Korea Issue Statement on Rogue North Korean IT Workers

The three nations remain united in countering the threat, and advise on common tactics used.

In a statement released by the Governments of the USA, Japan, and the Republic of Korea, the three say they “remain united in our efforts to counter the threat posed by North Korean IT workers.”

Saying that the DPRK continues to dispatch its IT workers around the world to generate revenue, which funds its military program, the governments have taken coordinated actions to disrupt the North Korean IT worker threat. This includes Japan issuing an update to provide detailed information on new tradecraft used by North Korean IT workers and advising private sector entities to mitigate the risk of inadvertently hiring, supporting, or outsourcing work to North Korean IT workers.

The Republic of Korea has issued advisories on North Korean IT worker activities to help companies avoid being targeted or victimised, while the USA is designating four entities and individuals furthering North Korean IT worker schemes, including in Russia, Laos, and China.

The advisory states that North Korean IT workers use a variety of techniques to disguise themselves with false identities and locations, as well as by leveraging AI tools and cooperating with foreign facilitators.

“They take advantage of existing demands for advanced IT skills to obtain freelance employment contracts from an expanding number of target clients throughout the world, including in North America, Europe, and East Asia,” the statement said. “North Korean IT workers themselves are also highly likely to be involved in malicious cyber activities, particularly in the blockchain industry.

“Hiring, supporting, or outsourcing work to North Korean IT workers increasingly poses serious risks, ranging from theft of intellectual property, data, and funds to reputational harm and legal consequences.”

Written by

Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.