Article Details

US sanctions North Korean firm, nationals behind IT worker schemes. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned three North Korean nationals and a company for supporting fraudulent IT worker schemes that generated illicit revenue for the Democratic People’s Republic of Korea (DPRK) government. The sanctioned company is named Korea Sobaeksu Trading Company, and the three North Korean individuals are Kim Se Un, Jo Kyong Hun, and Myong Chol Min. North Korea’s IT worker schemes involve placing skilled tech workers in American companies using fake or stolen identities to get the job. The workers' earnings are then funneled to the DPRK regime to fund its nuclear and missile programs. In a recent public service announcement, the FBI has updated its recommendations for U.S. businesses to defend against such schemes. The U.S. has taken decisive action against these schemes and their facilitators in the past, such as the disruption of “laptop farm” operations in the country earlier this month and the indictment of 14 key individuals. Also earlier this month, OFAC sanctioned Song Kum Hyok, believed to be a member of the North Korean hacking group “Andariel” and a facilitator of IT worker schemes.  OFAC's latest round of sanctions lists the following entities and individuals that played a role in financial facilitation, recruitment, and cryptocurrency operations aimed to further DPRK's goals: OFAC's sanctions translate into freezing assets on U.S. territory and prohibiting transactions with U.S. persons and businesses. Overall increased international pressure is another effect of the sanctions. Sanctions are not the only means to disrupt DPRK's efforts as the U.S. Department of State has announced rewards of up to $7 million for information leading to the arrest/conviction of the sanctioned individuals. The Board Report Deck CISOs Actually Use CISOs know that getting board buy-in starts with a clear, strategic view of how cloud security drives business value. This free, editable board report deck helps security leaders present risk, impact, and priorities in clear business terms. Turn security updates into meaningful conversations and faster decision-making in the boardroom.