The U.S. government has warned American firms about the danger of hiring North Korean IT workers.
The Bureau of International Security and Nonproliferation, under the state department, posted a tweet on Friday saying that C.S. Eliot Kang, an assistant secretary at the bureau, met with industry and government officials on Thursday.
In the meeting, he warned of the risks related to hiring North Koreans who pose as third-country citizens working in the freelance information and technology (IT) sector. Such risks include intellectual data theft, legal consequences, reputational harm and exposure to malicious North Korean cyber actors.
The bureau tweeted that highly skilled North Korean IT workers are generating revenue for the regime's weapons of mass destruction and ballistic missile programs and that they often target wealthier nations where pay is the highest, while deceptively hiding their true nationality.
The bureau said that while the U.S. continues to seek dialogue with Pyongyang, it is also committed to disrupting its illicit revenue-generating activities around the world that support its illegal WMD and ballistic missile programs.
Meanwhile, according to Voice of America, Microsoft's Threat Intelligence Center has linked the ransomware operation Holy Ghost to North Korean hackers.
The center said that for more than a year, North Korean hackers have been running the operation, attacking small businesses in various countries, following the pattern of a typical ransomware attack.
But it noted that as they usually demanded a small payout of bitcoin and were willing to negotiate and sometimes lower the price, the hackers may be doing this on their own, for personal financial gain.