The Justice Department announced Thursday the arrests of three people as part of a complex identity theft scheme that officials say generates huge revenue for the North Korean government, including for its weapons program.
The scheme involves thousands of North Korean IT workers who prosecutors say are sent abroad by the government and rely on the stolen identities of Americans to obtain remote work jobs at Fortune 500 companies based in the United States , which gives them access to sensitive company data and lucrative paychecks.
The scam is a way for heavily sanctioned North Korea, cut off from the U.S. financial system, to take advantage of a “poisonous brew” of converging factors, including a shortage of high-tech workers in the U.S. and the spread of telecommuting . Justice Department Assistant Attorney General Marshall Miller said in an interview.
The Justice Department says the cases are part of a broader strategy to not only prosecute people who enable the fraud, but also to build partnerships with other countries and put private sector companies on notice that they need to be vigilant about the people who enable them set. FBI and Justice Department officials launched an initiative in March and last year announced the seizure of website domains used by North Korean IT workers.
“Compliance programs of American companies and organizations are increasingly at the forefront of protecting our national security.” “Corporate compliance and national security are intertwined today like never before.”
According to the Justice Department, the conspiracy affected more than 300 companies – including a high-end retail chain and a “leading Silicon Valley technology company” – and affected workers based outside the US by more than 6% .8 million US dollars raised in China and Russia.
The three people arrested include an Arizona woman, Christina Marie Chapman, who prosecutors say facilitated the scheme by helping workers obtain and validate stolen identities, receiving laptops from U.S. companies that thought They would send the devices to legitimate employees, and helped workers connect remotely to the company.
According to the indictment, Chapman ran more than a “laptop farm” in which U.S. companies sent computers and paychecks to IT workers they didn’t know were overseas.
At Chapman’s laptop farms, she allegedly connected foreign IT workers who logged in remotely to corporate networks, making it appear as if the logins were coming from the United States. She is also alleged to have received paychecks for foreign IT employees at her home, forged the signatures of beneficiaries for remittances abroad and enriched herself by charging monthly fees.
The other two defendants include a Ukrainian, Oleksandr Didenko, who prosecutors say created fake accounts on job search platforms and was arrested in Poland last week, and a Vietnamese citizen, Minh Phuong Vong, who was arrested Thursday in Maryland on fraudulent procurement charges a job at a US company that was actually carried out by remote workers posing as him and based abroad.
It was not immediately clear whether any of the three had attorneys.
Separately, the State Department said it was offering a reward for information about certain North Korean IT employees who officials say were assisted by Chapman.
And the FBI, which conducted the investigation, issued a public notice warning companies about the plan and calling on them to adopt identity verification standards in the hiring process and educate human resources staff and hiring managers about the threat.