Amazon Chief Security Officer Stephen Schmidt said the company has blocked more than 1,800 suspected North Korean applicants from joining the tech giant. Schmidt states in his LinkedIn post that this is the number of profiles his team has intercepted since April 2024, with attempts increasing by 27% quarterly this year alone. Amazon uses AI to screen profiles and check for anomalies, which are then verified by human operators. “Our AI model analyzes connections to nearly 200 high-risk institutions, anomalies across applications, and geographic inconsistencies,” the Amazon CSO wrote. “We verify identities through background checks, credential verification, and structured interviews.”
Despite being a tightly controlled country with most of its citizens having no access to the internet, the Democratic People’s Republic of Korea (DPRK) has a highly skilled IT workforce in its employment. However, instead of serving local needs, the North Korean regime uses its skills to gain funding, especially as the country is still an international pariah with heavy economic sanctions meted against it. This has become easier in recent years as the popularity of remote work has made it easier for anyone to pose as a United States citizen and apply for a job — in fact, CrowdStrike has investigated over 320 incidents last year, with many of them using AI to create fake profiles.
As more companies become aware of this technique, Pyongyang is changing tactics and now using stolen identities to apply for jobs. They would often target dormant LinkedIn accounts of actual IT workers and software engineers and use them for their application. They also work with U.S.-based persons to set up laptop farms, so that the hardware that companies send over, especially those with tracking systems, will remain in the U.S. while North Korean workers remotely access the computer. In fact, several people have already been convicted of this, and over 240 companies have been victimized by this scam. Notably, Amazon recently busted one North Korean contract worker after spotting abnormally high keystroke lag.
Although it might seem obvious that tech companies are the ones that are most at risk of being targeted by the DPRK, The Register said that North Korean actors are increasingly getting interviews in other industries like finance, healthcare, and public administration, among others. One way hiring managers can protect against scams like these is to verify details, such as applicants claiming to have degrees from schools or universities that do not actually offer them, or enrollment dates that do not align with academic schedules. Aside from these, you can also check for subtle details, such as applicants using formatting not typically used in the U.S., such as +1 in phone numbers.
Follow Tom's Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.