Share
There is no longer any question that the advent of remote working following the pandemic has led to a societal shift where employees have come to expect greater autonomy and flexibility.
Over the years, many organisations have retained hybrid or entirely remote working models. The benefits are clear, with studies reporting that it boosts employee morale and work-life balance.
Nevertheless, remote working is often met with criticism. A leading communications company has reintroduced office working after collating data which shows that “higher levels of office attendance are associated with stronger employee engagement, improved client survey scores and better financial performance.”
Impact to productivity isn’t the only risk that companies should be concerned about. Over recent years, there has been a substantial increase in the number of companies encountering fraudulent remote workers within their own ranks.
According to various reports, The Democratic People's Republic of Korea (“DPRK”) has been covertly deploying skilled IT workers to obtain employment within unsuspecting organisations with the aim of siphoning salaries, data, and intellectual property back to the DPRK regime. These individuals mask their true identities by using fake identity (non-DRPK) documents and CVs to gain interviews, and then use generative AI to prevent hiring managers from realising that they are not who they claim to be.
This is a prime example of how AI is being deployed by malicious actors, and given how realistic the real-time deepfake technology has become, creates a formidable threat to organisations in the age of remote work.
Individuals present as experienced workers, are often highly skilled with an intense work ethic, and quickly become invaluable to their host organisations.
In order to facilitate the issue of company equipment enablers local to the host company are often recruited, lured with financial reward, and frequently from within vulnerable sectors of society. Last year, five US citizens were indicted having hosted laptop farms and assisted with job applications in order to aid the scheme.
So far, these schemes have been successful. The UN Security Council found that the undercover workers generate between $250m-$600m annually for the DPRK, and specialists have advised that this is a more widespread issue than companies realise.
The US appeared to be the main target for a number of years, but recent law enforcement action has disturbed the web of criminal activity and increased awareness amongst organisations.
The ghost workers have since turned their attention to European countries. The Office of Financial Sanctions Implementation (“OFSI”) have provided written guidance on this issue and state that it is “almost certain” that UK businesses are currently being targeted by individuals from North Korea. They have also advised businesses of how to remain vigilant and identify red flags. While proving the origins of suspicious workers remains a challenge, Kennedys’ Cyber team has recently been dealing with instances which follow similar patterns within the UK, seemingly confirming this is now very much a live issue in this jurisdiction.
Red flags include: inconsistencies in personal information, variable IP address locations, and consistent refusals to join video interviews or attend the office in person. Often, the ruse falls away when these workers are pushed to provide multiple sources of information to confirm their identity, following which they typically vanish from the organisation.
Businesses face myriad legal and regulatory considerations when confronting these ghost workers, including money laundering, sanctions, data privacy, and modern slavery legislation, all of which can hold significant implications for the businesses themselves should their processes fail to meet legislative requirements. Naturally, prevention is always better than the cure and so it is essential that businesses are alert to this increasing risk when hiring remote workers and have thorough vetting in place prior to hiring, both internally, but also when recruiting through agencies.