The New York State Department of Financial Services (DFS) has cautioned the businesses it regulates that some remote technology workers may be secretly acting on behalf of the North Korean government. DFS issued the alert in a November 1 letter. Big I New York members who hire virtual assistants or other remote workers should take precautions to avoid hiring one of these individuals.
According to the letter, information technology (IT) workers operating on behalf of North Korea have used several tactics to get jobs with U.S. companies. These include posing as individuals from the U.S. or other countries, using false or stolen identities, or buying identities from U.S. based individuals.
The individuals often use virtual private networks (VPNs) to make it appear that they reside in the U.S. when they apply for remote jobs. Notably, they may also refuse to join in-person or video conference meetings. They may also have their new employer’s computer equipment shipped to alternative locations just before they start work. This permits U.S. based co-conspirators to access the equipment.
DFS said that the Federal Bureau of Investigation (FBI) and the U.S. Department of State have issued advisories regarding these threats.
The letter advised regulated entities to:
- Make senior management, IT personnel, and human resources departments aware that this could happen.
- Conduct a thorough background check during the hiring process, possibly including live or video interviews.
- Track the locations of company-owned laptops and cellphones to ensure that they are delivered and remain at the residence address the employee provided.
- Limit remote employees’ access to systems.
- Notify law enforcement and regulators promptly if they conclude that they’ve been victimized by one of these schemes.
The complete text of the letter, including links to the FBI and State Department alerts and the web address for reporting incidents, is on the DFS website.