Amazon has overhauled its hiring and internal security framework after uncovering repeated attempts by North Korean-linked operatives to gain access to the company through remote software engineering roles. The effort, described by Amazon as part of a broader, state-backed campaign, is aimed at covertly generating foreign revenue for Pyongyang while evading international sanctions.
According to Amazon Chief Security Officer Steve Schmidt,
the company has blocked thousands of suspicious applications tied to this
scheme. At the centre of the operation are so-called “laptop farms” — physical
setups located outside North Korea where company-issued laptops are stored and
connected to local residential internet networks. From there, workers operating
inside North Korea remotely access the machines, making it appear as though
they are working from approved countries such as the US or the UK.
These operatives often rely on stolen or fabricated
identities, sometimes impersonating legitimate IT professionals, to slip past
standard recruitment checks. Amazon says this tactic has become increasingly
sophisticated, forcing the company to rethink how it validates candidates in a
remote-first hiring environment.
To counter the threat, Amazon has strengthened interview
safeguards by introducing advanced liveness verification tests and expanding
real-time monitoring of network activity. These measures help identify
anomalies commonly associated with remote-access tools and proxy-based
connections.
The company revealed that more than 1,800 North
Korean-linked applicants were stopped from joining Amazon alone, highlighting
the scale of the issue. Schmidt noted that the problem extends far beyond a
single organisation and affects companies across the global tech sector,
particularly those offering remote IT roles.
In a recent LinkedIn post, Schmidt warned that North Korea has been systematically targeting international employers, using overseas IT work as a channel to secretly move funds back into the country. Amazon’s actions, he said, reflect a growing need for corporations to treat recruitment security as a frontline defence against state-sponsored cyber and financial threats.
By - Aaradhay Sharma
No comments:
Post a Comment