An investigation by Google’s intelligence team, published by The Guardian on April 20, 2025, revealed how hundreds of North Korean IT workers managed to secure jobs at Western companies, including several UK-based firms, by using false identities and collaborating with intermediary agencies. According to the UK’s National Cyber Security Centre and the US Department of Justice, these individuals used sophisticated methods to conceal their affiliation with North Korea, thereby indirectly funding the regime through fraudulently obtained salaries. Authorities are now recommending that companies mandate video or in-person interviews to verify candidates’ identities and prevent similar infiltrations. The job scam phenomenon, already known to intelligence services, has now reached such a scale that it clearly exposes the inadequacy of current hiring practices in today’s digital and global workforce. The latest tactic also involves fake IT professionals threatening to leak sensitive company data after being dismissed.
The infiltration of North Korean IT workers into Western companies, as highlighted by these investigations, underscores the critical importance of thorough due diligence on third parties and collaborators. These individuals, often operating under false identities, have managed to obtain positions in sensitive sectors by exploiting weaknesses in remote hiring processes and have financially contributed to sanctioned state programs, as well as collected confidential information on target companies and gained access to corporate information systems.
The case clearly illustrates how hostile actors adopt sophisticated tactics to bypass controls. These include using stolen or fictitious identities, systematically avoiding video or in-person interviews, requesting that company devices be sent to unverified addresses, and using technologies such as VPNs to mask their real location. The risk to companies is twofold: on one hand, there are serious violations of international regulations; on the other, there is increased exposure to threats such as intellectual property theft, unauthorized access, digital extortion, and reputational damage.
To prevent such situations, it is essential to review hiring processes. A central component of the mitigation strategy is strengthening the identity verification of candidates. The adoption of advanced biometric recognition technologies, real-time document verification through certified platforms, and integration with governmental and international databases for personal data authentication can significantly increase the level of security. The use of synchronous video interviews with real-time verification of the match between the presented document and the individual’s face is now not just recommended, but essential. In high-risk contexts, tools such as behavioral analysis and voice-stress analysis can add an additional layer of non-invasive verification.
However, it is necessary to consider that while these measures strengthen security safeguards, they may also slow down onboarding processes and create friction in competitive environments (such as the AI specialist market). Therefore, the challenge for companies is to balance the effectiveness of controls with operational efficiency. The solution lies in the intelligent integration of verification tools into the selection process so that they become an organic part of the workflow rather than bureaucratic obstacles. Automating initial checks, centralizing the management of high-risk profiles, and providing recruiters with simple yet robust tools to validate candidates allows companies to maintain process speed without compromising security. Furthermore, transparent communication with candidates regarding adopted procedures can improve compliance and reduce the perception of invasiveness.
Another key element in strengthening hiring security is the synergistic collaboration between Human Resources departments and the Corporate Security team. HR professionals, traditionally focused on evaluating skills and onboarding new employees, must now take a proactive role in protecting the company’s digital infrastructure. This requires close cooperation with Security Managers to define stricter screening criteria, share information on potential warning signs, and develop targeted training programs. The management of employees’ digital identities, from onboarding to offboarding, thus becomes a shared responsibility, aiming to ensure that every access to corporate systems is traceable, authorized, and compliant with security policies.
The case of fake North Korean IT workers serves as a warning about the importance of thorough due diligence and rigorous hiring checks, especially in an increasingly remote work environment. Companies must adopt a proactive approach to protect their assets, avoid unwitting complicity, and ensure compliance with international regulations.
In this candidate background verification process (for both collaborators and managers), Kriptia has a strong track record, supported by the experience and best practices of the American market in which Kriptia US operates. For more information, contact us at info@kriptia.com.