Today, Explained

My colleague, the scammer


North Korean Remote Work Infiltration and Cyber Operations

- The FBI has warned that companies like Google and SentinelOne have unknowingly hired North Korean operatives
- Significant challenges exist in verifying the identity of remote job candidates

- Hundreds of applications for a single job
- Inconsistent resume details and personal backgrounds
- Candidates with:
  * Anglo names but Asian ethnicity
  * Claims of being from the US, but with thick foreign accents
  * Identical coding test performances
  * Similar default video backgrounds
  * Laggy internet connections
  * Background noise suggesting a call center environment

- One candidate was using an AI bot reflected in their glasses' lenses, providing scripted interview answers
- These were not just fraudulent job seekers, but North Korean operatives attempting to get jobs to send money back to North Korea

- Reporter Bobby Johnson investigated after hearing about AI-driven scams
- Connected with Simon Weikman, a web security company owner who first noticed the suspicious hiring patterns

- Stealing American identities
- Using AI tools to pass interviews and tests
- Employing deepfake technologies for ID verification

- Successfully get hired for IT-related jobs like website/app development
- Work in teams of 10-15 people
- Share tasks efficiently to appear competent
- Goal is to earn money to send back to North Korea

- Steal information, money, and cryptocurrency
- Potentially plant malicious software
- Can remain employed from a few days to up to a year

- Require a US-based middleman/accomplice
- Use "laptop farms" with multiple computers
- Middleman helps them appear to be working from a US location
- Facilitates remote access and communication

- Christina Chapman (from Minnesota/Arizona)
- Helped North Korean teams target 300+ companies
- Ran laptop farm with around 60 computers
- Received and transferred money
- Motivated by easy cash opportunity

- Target ordinary, low-profile individuals
- Use LinkedIn and similar platforms
- Promise of easy money

North Korean Cyber Workers and Operations

- Typically young men, recently out of college
- Recruited into teams of 10-15 people
- Work in isolated, controlled environments (digital "sweatshops")
- Confined to nondescript apartments
- Only allowed to leave in groups
- Paid by government
- Families kept under surveillance to prevent escape

- Unlike his father, Kim Jong-un is pro-technology
- Educated in Switzerland, exposed to Western culture
- Transformed North Korea's technological landscape
- Shifted from minimal internet connectivity to prioritizing tech skills
- Invested in computer science education and technology literacy
- Views cyber capabilities as potential strategic opportunity

- These cyber workers are often entry-level, potentially serving as stepping stones to more advanced hacking teams
- North Korea trains young college graduates to be cyber operatives
- They specialize in hacking and covering their digital tracks
- Cryptocurrency theft is a major focus, with one recent Dubai exchange hack netting $1.5 billion
- These operations are a low-cost way for North Korea to generate revenue

- Hacking teams can earn around $3 million annually
- Profits go directly to government programs and Kim Jong-un's personal funds
- Hacking activities are expanding beyond the US to Europe and Japan

- Difficult to prosecute due to geographical and jurisdictional limitations
- Existing sanctions are already so severe that they don't provide additional deterrence
- Preventing attacks relies on identifying red flags during recruitment processes

- Possibility of accessing sensitive intellectual property or state secrets
- Potential for more aggressive cyber attacks
- Undermining general trust in digital interactions and communications

Broader Implications for Digital Trust

- Growing problem of distinguishing truth in the digital age
- Prevalence of deep fakes
- Widespread misinformation
- Systems designed to make people doubt what they see

- Increasing difficulty of distinguishing between what is real and what is fabricated
- Example: Suspicion about remote team members' authenticity due to limited interaction

- The "undermining of reality" as a significant existential problem
- Danger of being separated from truth, with uncertainty about potential solutions
