Amazon has significantly tightened its recruitment and security protocols to prevent North Korean operatives from infiltrating its workforce through remote software development positions. The tech giant’s Chief Security Officer (CSO), Steve Schmidt, confirmed that the company has actively blocked numerous applications linked to a sophisticated state-sponsored scheme designed to funnel revenue into North Korea's sanctioned programmes. The infiltration strategy relies on "laptop farms," which are physical locations, often in third-party countries, where North Korean agents house company-issued hardware.
These laptops are connected to the internet via local residential proxies, allowing workers based in North Korea to control the machines remotely. This trickery makes it appear to corporate security systems that the employee is working from a legitimate location in the United Kingdom, the United States, or other authorized regions.
According to Schmidt, Amazon has identified and thwarted attempts by these agents to bypass traditional identity verification. The operatives frequently use stolen or forged identities, often belonging to real IT professionals, to pass initial background checks. To counter this, Amazon has introduced more rigorous "liveness" tests during the interview process and enhanced monitoring of network traffic to detect the tell-tale signs of remote-access software being used on corporate devices.
The rise of generative AI has added another layer of complexity to the situation. Reports suggest that operatives are leveraging AI tools to improve their English skills and even modify their appearance or voice during video calls to more convincingly impersonate stolen identities.
Amazon’s proactive approach reflects an evolution in corporate security priorities, shifting from safeguarding data alone to validating the authenticity and physical location of remote employees. For the global technology sector, this case stands as a sobering reminder that the ease of remote hiring now comes with serious geopolitical implications.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
