The text of the following statement was released by the Government of the United States of America, Japan, and the Republic of Korea on North Korean Information Technology (IT) workers.
Begin Text
The United States, Japan, and the Republic of Korea (ROK) remain united in our efforts to counter the threat posed by North Korean IT workers. North Korea continues to dispatch its IT workers around the world to generate revenue, which funds its unlawful weapons of mass destruction (WMD) and ballistic missile programs, in violation of UN Security Council resolutions (UNSCRs). The United States, Japan, and the ROK express serious concerns over the evolving malicious activities of North Korean IT workers.
North Korean IT workers use a variety of techniques to disguise themselves as non-North Korean IT workers with false identities and locations, including by leveraging AI tools as well as cooperating with foreign facilitators. They take advantage of existing demands for advanced IT skills to obtain freelance employment contracts from an expanding number of target clients throughout the world, including in North America, Europe, and East Asia. North Korean IT workers themselves are also highly likely to be involved in malicious cyber activities, particularly in the blockchain industry. Hiring, supporting, or outsourcing work to North Korean IT workers increasingly poses serious risks, ranging from theft of intellectual property, data, and funds to reputational harm and legal consequences.
In this context, our three countries have taken coordinated actions to disrupt the North Korean IT worker threat. Today, Japan issues an update to its previous alert to provide detailed information on new tradecraft used by North Korean IT workers and advises private sector entities to mitigate the risk of inadvertently hiring, supporting, or outsourcing work to North Korean IT workers. The United States is designating four entities and individuals furthering North Korean IT worker schemes, including in Russia, Laos, and China. The Republic of Korea issued advisories on North Korean IT worker activities to help companies avoid being targeted or victimized.
On August 26, our three countries also hosted an event in Tokyo in partnership with Mandiant to improve public-private partnership and support international industry collaboration in the fight against North Korean exploitation.
The United States, Japan, and the Republic of Korea reaffirm their commitment to enhancing their coordination among the three countries, and deepening collaboration between the public and private sector to counter malicious cyber activities and illicit revenue generation by North Korea.
End Text
