On Wednesday, the U.S., South Korea, and Japan jointly voiced serious concerns regarding North Korea’s malicious actions, including the use of illicit information technology (IT) personnel operations to fund weapons of mass destruction (WMD) and ballistic missile programs.
In a trilateral statement, the three nations asserted that North Korea is violating United Nations (UN) Security Council resolutions by deploying IT workers worldwide to generate revenue.
The statement emphasized that North Korean IT personnel employ a range of deceptive tactics, including the use of artificial intelligence (AI) technology and collaborations with foreign facilitators, to fabricate false identities and residences. These operatives are reportedly securing freelance contracts across North America, Europe, and East Asia.
The three countries highlighted that these nefarious cyber activities by North Korean IT operatives are particularly prevalent in the blockchain sector.
They issued a stark warning that engaging with, supporting, or contracting North Korean IT personnel carries severe risks, including the theft of intellectual property, sensitive information, and funds, as well as potential reputational damage and legal consequences.
Concurrently, the U.S. State and Treasury Departments announced additional sanctions targeting four entities and individuals involved in North Korea’s IT personnel operations in Russia, Laos, and China.
The sanctioned parties include Russian national Vitaly Sergeyevich Andreev, Kim Ung Sun (an economic and trade official at the North Korean consulate in Russia), Shenyang Jin Feng Li Network Technology, and Xin Jin Trading Company.
The State Department also disclosed that on Tuesday, it co-hosted a forum in Tokyo with the South Korean Ministry of Foreign Affairs, the Japanese Ministry of Foreign Affairs, and Mandiant, Google Cloud’s security technology division.
This event aimed to strengthen collective defenses against North Korea’s deceptive IT tactics through public-private collaboration. Over 130 representatives from the three governments and relevant industry partners participated, including freelance platforms, payment service providers, cryptocurrency firms, AI companies, and Web3 technology businesses—all potential targets of North Korean IT operatives.