Two Americans have been sentenced for operating "laptop farms" that allowed North Korean IT workers to pose as US-based remote employees at American companies. The scheme helped North Korea evade sanctions while placing operatives inside corporate networks with access to sensitive data.
How the Scheme Worked
The setup was surprisingly sophisticated. North Korean IT workers would apply for remote positions at US companies using stolen American identities. When hired, the companies would ship laptops and equipment to US addresses — the "laptop farms" run by the American conspirators.
Those Americans would then connect the laptops to the internet and forward access to the North Korean workers, who would log in remotely and perform the jobs as if they were working from the United States. The workers would receive paychecks sent to US bank accounts, which would then be forwarded to North Korea, helping the regime evade international sanctions.
From the companies' perspectives, everything looked normal. The "employees" showed up for video calls (using deepfake technology or stolen photos), completed their work, and participated in meetings. Many worked at these positions for months or even years without detection.
The Security Implications Are Staggering
Let's be clear about what this means: North Korean operatives had privileged access to American corporate networks. They could see source code, access internal systems, view customer data, and potentially insert backdoors or exfiltrate sensitive information.
And we have no idea how widespread this is.
The two Americans who were sentenced were caught, but how many other laptop farms are still operating? How many North Korean IT workers are currently employed at US companies? What have they accessed? What have they stolen?
These aren't hypothetical questions. The FBI and cybersecurity researchers have been warning about this scheme for years. What's new is that we're finally seeing criminal prosecutions.
Remote Work as Attack Vector
The COVID-19 pandemic accelerated remote work adoption by years, maybe decades. Companies that had resisted distributed teams suddenly had no choice. Hiring processes that once required in-person interviews moved entirely online.
