North Korea skirts US sanctions by secretly selling software around the globe
Fake social media profiles are useful for more than just sowing
political discord among foreign adversaries, as it turns out. A group
linked to the North Korean government has been able to duck existing
sanctions on the country by concealing its true identity and developing
software for clients abroad.
This week, the US Treasury issued sanctions against two tech companies
accused of running cash-generating front operations for North Korea:
Yanbian Silverstar Network Technology or “China Silver Star,” based near
Shenyang, China, and a Russian sister company called Volasys Silver
Star. The Treasury also sanctioned China Silver Star’s North Korean CEO
Jong Song Hwa.
“These actions are intended to stop the flow of illicit revenue to North
Korea from overseas information technology workers disguising their
true identities and hiding behind front companies, aliases, and
third-party nationals,” Treasury Secretary Steven Mnuchin said of the
sanctions.
As the Wall Street Journal reported in a follow-up story, North Korean
operatives advertised with Facebook and LinkedIn profiles, solicited
business with Freelance.com and Upwork, crafted software using Github,
communicated over Slack and accepted compensation with Paypal. The
country appears to be encountering little resistance putting tech
platforms built by US companies to work building software including
“mobile games, apps, [and] bots” for unwitting clients abroad.
The US Treasury issued its first warnings of secret North Korean
software development scheme in July, though did not provide many details
at the time. The Wall Street Journal was able to identify “tens of
thousands” of dollars stemming from the Chinese front company, though
that’s only a representative sample. The company worked as a middleman,
contracting its work out to software developers around the globe and
then denying payment for their services.
Facebook suspended many suspicious accounts linked to the scheme after
they were identified by the Wall Street Journal, including one for
“Everyday-Dude.com”:
“A Facebook page for Everyday-Dude.com, showing packages with
hundreds of programs, was taken down minutes later as a reporter was
viewing it. Pages of some of the account’s more than 1,000 Facebook
friends also subsequently disappeared…
“[Facebook] suspended numerous North Korea-linked accounts
identified by the Journal, including one that Facebook said appeared not
to belong to a real person. After it closed that account, another
profile, with identical friends and photos, soon popped up.”
Linkedin and Upwork similarly removed accounts linked to the North Korean operations.
Beyond the consequences for international relations, software
surreptitiously sold by the North Korean government poses considerable
security risks. According to the Treasury, the North Korean government
makes money off of a “range of IT services and products abroad”
including “website and app development, security software, and biometric
identification software that have military and law enforcement
applications.” For companies unwittingly buying North Korea-made
software, the potential for malware that could give the isolated nation
eyes and ears beyond its borders is high, particularly given that the
country has already demonstrated its offensive cyber capabilities.
Between that and sanctions against doing business with the country,
Mnuchin urges the information technology industry and other businesses
to exercise awareness of the ongoing scheme to avoid accidentally
contracting with North Korea on tech-related projects.
https://www.geezgo.com/sps/39231
Join Geezgo for free. Use Geezgo's end-to-end encrypted Chat with your Closenets (friends, relatives, colleague etc) in personalized ways.>>
No comments