Companies face significant legal and financial risks when discovering that they have inadvertently hired information technology (IT) workers from North Korea. These incidents can reveal an organized employment scheme that generates revenue for the North Korean regime’s weapons programs, further complicating the situation for the affected organizations.
First of all, try by all means not to hire North Korean spies
Cybersecurity experts warn that, although North Korean workers may be linked to weapons programs, their main motivation is to earn a salary. This changes the dynamic of how companies should handle these situations. Attendees at the Cyber Defense Summit in Washington, D.C., suggest that companies should collaborate among their human resources, security, and legal departments to identify warning signs during the hiring process.
Among the risk indicators are unvalidated emails, LinkedIn profiles with recycled resumes, and the lack of willingness of candidates to conduct video interviews. Early detection is crucial, as organizations may be exposed to sanction violations even if a payment to a North Korean employee is made inadvertently.
Once a company suspects that it has hired a worker from North Korea, decisions about terminating employment are not straightforward. Experts say it is essential to maintain communication with these employees in order to facilitate the gathering of evidence and the recovery of equipment. Workers tend to be cooperative, interested in recovering their last paycheck before their employment relationship is terminated.
Although there is no legal obligation to notify authorities about these findings, experts emphasize that voluntary disclosure can be beneficial and may reduce penalties in the event of a violation. The threat of these incidents continuing to expand remains, turning this issue into a persistent challenge for companies. These cases indicate that the danger of cybersecurity is far from disappearing.
