The recent actions of the U.S. Treasury Department have once again highlighted the ongoing issue of illicit activities conducted by North Korea’s Ministry of National Defense. In a move to disrupt these illicit operations, the Treasury Department has sanctioned a network of individuals and front companies linked to the North Korean regime. Among the entities targeted are Korea Osong Shipping Co., Chonsurim Trading Corporation, and Liaoning China Trade, all of which have been implicated in illegal remote IT work schemes.
These companies have been found to be generating revenue through fraudulent IT work, with the funds being funneled into supporting North Korea’s weapons programs, including the development of weapons of mass destruction and ballistic missiles. The sanctions imposed by the Office of Foreign Assets Control (OFAC) prohibit U.S. citizens and organizations from engaging in any transactions with these sanctioned entities. Any assets tied to these individuals and companies within the U.S. will be frozen, and financial institutions involved in transactions with them could face penalties.
Furthermore, the State Department has announced rewards of up to $5 million for information that aids in dismantling the operations of two other North Korean front companies, Yanbian Silverstar and Volasys Silverstar. These companies have collectively earned over $88 million in illegal remote IT work over the past six years.
One alarming aspect of North Korea’s illicit activities is the development of a network of “IT warriors” who operate under false identities to secure freelance IT contracts globally. Many of these individuals operate from locations outside North Korea and impersonate U.S.-based IT personnel, using U.S.-based laptop farms to access enterprise networks. By masquerading as U.S. employees, they evade sanctions while channeling their earnings back to the North Korean regime, which claims a significant portion of their wages.
These illicit schemes have proven to be highly profitable, generating hundreds of millions of dollars annually to fund North Korea’s military and weapons programs. In addition to securing illicit contracts, some of these IT workers have resorted to further illegal activities by threatening former employers. Upon being exposed and terminated from their positions, they have resorted to extorting companies by leveraging insider information and threatening to disclose sensitive data unless paid off.
The U.S. government, including agencies like the FBI, has consistently issued warnings about the dangers posed by these illicit IT operations orchestrated by North Korea. Efforts are ongoing to address the persistent threat posed by the regime’s expansive IT activities and to disrupt the flow of funds that fuel their destabilizing activities. By imposing sanctions and offering rewards for valuable information, the U.S. aims to curb North Korea’s illicit operations and protect against further illegal activities in the realm of IT work.