Today, the U.S. Department of State and the Federal Bureau of Investigation, in coordination with partners from the Republic of Korea Ministry of Foreign Affairs, National Police Agency, and National Intelligence Service are releasing a joint public service announcement (PSA) with updated guidance on red flag indicators and due diligence measures to help companies avoid hiring Democratic People's Republic of Korea (DPRK) information technology (IT) workers posing as non-DPRK nationals. The PSA updates guidance in the DPRK IT Worker Advisories released in 2022 by the United States and the Republic of Korea in May and December, respectively.
Today's announcement of FBI and DOJ action against DPRK IT workers reinforces the importance of tackling this issue. DPRK IT workers continue to take advantage of demand for specific IT skills such as software and mobile application development while fraudulently obtaining employment contracts around the world, including in the United States. This action leads to companies unwittingly hiring DPRK IT workers.
Hiring or supporting DPRK IT workers - knowingly or unknowingly - poses many risks, ranging from theft of intellectual property, data, and funds, to reputational harm and legal consequences, including under U.S., ROK, and UN sanctions. Illicit DPRK revenue-generating activities support the regime's priorities like development of its unlawful weapons of mass destruction (WMD) and ballistic missile programs, which threaten international peace and security and violate multiple UN Security Council resolutions.
The United States and Republic of Korea advisories on DPRK IT workers offer guidance and information to help governments and private sector minimize risk.