WelshWave Logo

Why Are Over 1,800 North Koreans Blocked from Job Applications on Amazon?

Why Are Over 1,800 North Koreans Blocked from Job Applications on Amazon?

Published: 2025-12-23 03:00:09 | Category: technology

Amazon has recently reported blocking over 1,800 job applications from suspected North Korean agents attempting to secure remote IT positions. The company's chief security officer, Stephen Schmidt, highlighted concerns that these operatives aim to funnel earned wages back to North Korea to support the regime's weapons programmes, which is indicative of a broader trend in the tech industry.

Last updated: 24 October 2023 (BST)

What’s happening now

The alarming revelation from Amazon underscores a significant security threat posed by North Korean operatives infiltrating the tech job market. According to Schmidt, there has been a substantial rise—nearly one-third—in job applications from North Koreans over the past year. This increase coincides with heightened warnings from US and South Korean authorities about the activities of North Korean agents engaging in online scams and cyber fraud.

Key takeaways

  • Amazon blocked 1,800 job applications from suspected North Korean agents.
  • Operatives reportedly use stolen or fake identities to apply for remote IT roles.
  • Fraudulent applications have increased by nearly one-third in the past year.
  • Employers are advised to look for specific indicators of fraud.

Timeline: how we got here

Recent developments give context to the situation regarding North Korean cyber activities. Key milestones include:

  • June 2023: The US government identified 29 "laptop farms" illegally operated by North Korean IT workers.
  • July 2023: A woman from Arizona was sentenced to over eight years in prison for aiding North Korean nationals in securing remote jobs, generating over $17 million (£12.6 million) in illicit gains.
  • October 2023: Amazon's chief security officer reported the blocking of 1,800 applications from suspected agents.

What’s new vs what’s known

New today/this week

Amazon's announcement reveals the scale of the issue, with substantial numbers of job applications from North Koreans being flagged as suspicious. This indicates a growing trend that may extend beyond Amazon, potentially affecting the broader tech industry.

What was already established

It has been previously reported that North Korean operatives engage in cyber fraud and scams, utilising sophisticated tactics to exploit online job platforms. The involvement of laptop farms and the use of fake identities have been longstanding concerns raised by authorities.

Impact for the UK

Consumers and households

Although the immediate implications for UK consumers may not be direct, this situation highlights the vulnerabilities in the global job market and the potential for cyber threats to impact various sectors, including technology and finance.

Businesses and jobs

The rise in fraudulent job applications poses risks for UK employers, particularly in the technology sector. Companies may need to tighten their hiring protocols and invest in more robust screening methods to mitigate the risks associated with such applications.

Policy and regulation

As concerns grow about North Korean cyber activities, UK policymakers may need to consider new regulations or guidelines to safeguard the job market and protect businesses from potential infiltration by foreign agents. Ongoing international collaboration with the US and South Korea will be vital in addressing these threats.

Numbers that matter

  • 1,800: Number of job applications blocked by Amazon from suspected North Korean agents.
  • 29: Laptop farms identified by the US government being operated illegally by North Korean IT workers.
  • £12.6 million: Amount generated in illicit gains by a woman sentenced for aiding North Korean nationals.

Definitions and jargon buster

  • North Korean operatives: Individuals associated with the North Korean government, often engaged in activities that support the regime, including cyber fraud.
  • Laptop farms: A term used to describe setups where multiple computers are operated remotely, often to facilitate illicit activities.
  • Fraudulent applications: Job applications submitted under false pretenses, typically using stolen or forged identities.

How to think about the next steps

Near term (0–4 weeks)

Employers should implement immediate measures to review their hiring processes and enhance their application screening techniques. This includes training staff to identify suspicious indicators in applications.

Medium term (1–6 months)

Companies may need to collaborate with cybersecurity experts to develop more sophisticated screening technologies, potentially integrating AI solutions to detect fraudulent activities more effectively.

Signals to watch

  • Increased reports of fraudulent job applications in the tech sector.
  • Government advisories or alerts regarding North Korean cyber activities.
  • Legal actions or regulations introduced to combat these cyber threats.

Practical guidance

Do

  • Implement robust identity verification processes for job applicants.
  • Train hiring teams to recognise signs of fraudulent applications.
  • Report any suspicious activities to the authorities.

Don’t

  • Ignore discrepancies in application details, such as education histories or contact information.
  • Assume that all remote job applicants are genuine without proper verification.

Checklist

  • Verify the identity of applicants through official channels.
  • Cross-reference application details against known databases.
  • Monitor hiring patterns for sudden increases in applications from specific regions.
  • Stay informed about emerging trends in cyber fraud within the job market.
  • Encourage employees to report any suspicious job applications they encounter.

Risks, caveats, and uncertainties

The situation regarding North Korean cyber activities remains fluid, with ongoing developments and potential changes in tactics by operatives. Employers must remain vigilant and adaptable to new threats as they emerge. There is also a risk that false positives may occur, leading to genuine candidates being unfairly rejected.

Bottom line

The blocking of over 1,800 job applications by Amazon highlights a significant and growing threat from North Korean operatives in the tech industry. Employers in the UK should take proactive steps to enhance their hiring processes and remain informed about emerging threats to protect their businesses and the integrity of the job market.

FAQs

How can companies identify fraudulent job applications?

Companies can identify fraudulent job applications by looking for mismatched education histories, incorrectly formatted phone numbers, and other inconsistencies that raise red flags.

What should businesses do if they suspect an application is fraudulent?

Businesses should report any suspicious job applications to the authorities for further investigation and enhance their application verification processes.

Why is this trend concerning for the tech industry?

This trend is concerning for the tech industry as it indicates a potential influx of malicious actors seeking to infiltrate companies and funnel resources back to North Korea, endangering national security and corporate integrity.

Latest News
Who Will Prevail in the Giants vs MI Emirates Clash? Live Score from Abu Dhabi!
Who Will Prevail in the Giants vs MI Emirates Clash? Live Score from Abu Dhabi!
Did the West Indies Captain Let His Team Down in the New Zealand Tests?
Did the West Indies Captain Let His Team Down in the New Zealand Tests?
Is India's Jobs Guarantee Scheme a Global Model at Risk?
Is India's Jobs Guarantee Scheme a Global Model at Risk?