Amazon says it isn't just sifting through resumes—it's blocking alleged North Korean operatives trying to get on the payroll. In a Dec. 19 LinkedIn post, Amazon chief security officer Stephen Schmidt said the company has prevented more than 1,800 suspected workers tied to North Korea from being hired since April 2024. The goal, he wrote, is simple: "Get hired, get paid, and funnel wages back to fund the regime's weapons programs." Schmidt said such applications are up 27% quarter over quarter this year.
Amazon is detecting the attempts with a mix of AI-based screening and human review, he said, adding that many of the workers hide behind so-called "laptop farms": computers physically located in the US but controlled remotely from abroad. Per NBC News, the Justice Department in June said it had uncovered 29 such operations in the US; one Arizona woman received more than eight years in prison in July for running a laptop farm that helped North Korean workers secure remote positions at more than 300 US companies, generating in excess of $17 million, according to prosecutors.
"As CSO of one of the world's largest employers, my team sees these threats at a scale few organizations do," Schmidt observes. "That gives us unique visibility into how these operations evolve and a responsibility to share what we're learning." Some of those learnings:
- These applicants are increasingly going after AI-related roles, in part due to the exploding number of them.
- They're stepping up their identity-theft game, going after "actual software engineers who provide real credibility, rather than people with minimal online presence."
- Ditto their LinkedIn strategies. "We're seeing them hijack dormant accounts through compromised credentials to gain verification."
- "Small details give them away." They might start their phone number with "+1" instead of the "1" Americans use, or list a degree from a school that doesn't offer the specified major.
,
uBlock 
,
and
Ghostery 
)
