The U.S. Department of Justice (DOJ) announced the disruption of an international network that enabled North Korean IT workers to secure remote jobs at American tech firms, generating $50 million annually for Pyongyang’s weapons program.
The operation, involving 15 individuals across three continents, used stolen identities to bypass sanctions, with 200 U.S. companies unknowingly hiring North Korean operatives. The DOJ’s Cyber Division, working with the FBI, arrested five suspects in California and seized $10 million in illicit funds.
The network, active since 2020, exploited the remote work boom, with operatives posing as U.S. citizens to secure contracts in software development, earning $100,000 per worker annually. The DOJ cited violations of the International Emergency Economic Powers Act, impacting 5% of U.S. tech jobs.
The scheme supported North Korea’s ballistic missile program, which conducted 10 tests in 2024, costing $1 billion. U.S. authorities are enhancing AI-based screening to detect fraud, with 1,000 companies now under review. The operation’s takedown, praised by 80% of tech industry leaders, aims to protect the $2 trillion U.S. IT sector while tightening global sanctions enforcement.