Asia North Korea See all topics Follow

A woman in Arizona was sentenced Thursday to more than 8 years in prison for orchestrating a complex fraud scheme to help North Korean cyber operatives pose as Americans and obtain remote IT jobs at hundreds of US companies, including Fortune 500 corporations.

The plot, described by the Department of Justice as one of the largest North Korean IT worker fraud schemes, used the stolen identities of 68 Americans, defrauded more than 300 US businesses and generated more than $17 million in revenue –– funds that could benefit the nuclear-armed North Korean regime, the department said in a release.

Christina Chapman, 50, pleaded guilty in February after being accused of operating a “laptop farm” from her home, where she “received and hosted” company-issued computers on behalf of foreign IT workers to trick companies into believing the workers were living in the US.

She was charged with nine counts, including conspiracy to commit wire fraud and aggravated identity theft.

In its statement, the DOJ said North Korea has deployed thousands of highly skilled IT workers around the world, including to the US, to circumvent controls employed by US companies to prevent illegal hirings by enlisting the assistance of US-based collaborators.

The DOJ said Chapman shipped 49 laptops and other devices to various locations abroad, including a city in China near the North Korean border. Authorities found more than 90 laptops in her home in an October 2023 search.

Chapman also received and forged payroll records using stolen identities. Funds were deposited into her personal US accounts and then transferred to individuals overseas.

Among the companies affected by the scheme are Fortune 500 corporations, a major national TV network, an aerospace manufacturer, an American car maker and a luxury retail store, the May indictment read, without naming the companies.

Officials said that foreign IT workers unsuccessfully attempted to obtain employment at two US government agencies.

The State Department and other agencies issued in 2022 a warning about schemes, where North Korean IT workers, posing as from other nationalities, offered to work remotely and applied for jobs in electronic gaming, IT support, and artificial intelligence, among other sectors.

Some of these IT workers work closely with North Korean hackers, who are also a rich source of revenue for the regime, according to experts who spoke with CNN. About half of North Korea’s missile program has been funded by cyberattacks and cryptocurrency theft, a White House official said in 2024.

“By directing its IT workers to gain employment at Western companies, North Korea has weaponized its tech talent and created the ultimate insider threat,” Michael Barnhart, a North Korea specialist at Google-owned cybersecurity firm Mandiant, told CNN in 2024.

“These operatives bypass sanctions by diverting their paychecks to help fund North Korea’s nuclear program. Simultaneously, they’re providing a foothold into major organizations for North Korea’s more advanced threat groups,” Barnhart said.