Washington, D.C. Thursday, the Justice Department said that three people had been arrested in a complicated scheme to use stolen identities to make a lot of money for the North Korean government, which is used for things like its weapons program.
The scheme involves thousands of North Korean IT workers who, according to prosecutors, are sent to live abroad by the government and use stolen American identities to get remote jobs at Fortune 500 companies in the U.S., where they can access sensitive company data and make good money.
Marshall Miller, the principal associate deputy attorney general for the Justice Department, said in an interview that the fraud is a way for North Korea, which is heavily sanctioned and cut off from the U.S. financial system, to take advantage of a “toxic brew” of factors that are coming together. These include a lack of high-tech workers in the U.S. and a rise in remote work.
According to the Justice Department, the cases are part of a larger plan to not only go after people who help with fraud but also to build partnerships with other countries and let private companies know they need to be careful about the people they hire. A project was started by the FBI and the Justice Department in March, and website domains used by North Korean IT workers were taken back last year.
“American companies and groups’ compliance programs are more and more often the first line of defense for our national security,” “National security and corporate compliance are now more linked than ever before.”
The Justice Department says the plot has impacted over 300 businesses, such as a high-end retail chain and a “premier Silicon Valley technology company.” It has also made more than $6.8 million for the workers, some of whom are from outside the U.S., such as China and Russia.
Christina Marie Chapman, an Arizona woman, was one of the three people arrested. Prosecutors say she helped the scheme run by helping the workers get and verify stolen identities, getting laptops from U.S. companies that thought they were sending them to real employees, and connecting the workers remotely to the company.
Indictments say Chapman was in charge of more than one “laptop farm” where American companies sent computers and paid IT workers they didn’t know were in other countries.
It is said that Chapman set up laptop farms for overseas IT workers who logged in to company networks from afar, making it look like the logins were coming from the US. She is also said to have received paychecks for overseas IT workers at her home, forged the signatures of the recipients to send the money abroad, and made extra money by charging monthly fees.
The other two defendants are a Ukrainian man named Oleksandr Didenko, who prosecutors say made fake accounts on job search sites and was arrested in Poland last week, and a Vietnamese man named Minh Phuong Vong, who was arrested Thursday in Maryland on charges of lying to get a job at a U.S. company that was actually done by people from overseas who pretended to be him.
It wasn’t clear right away if any of the three had lawyers.
Additionally, the State Department announced that it would pay a reward for information about certain North Korean IT workers who were helped by Chapman.
The FBI, which was in charge of the investigations, also made a public service announcement warning businesses about the scheme. The announcement told them to make sure that all hiring managers and human resources staff are trained on the threat.