Amazon’s Chief Security Officer Stephen Schmidt has revealed that the technology conglomerate successfully intercepted over 1,800 job applications from suspected North Korean operatives attempting to infiltrate remote IT positions. In a detailed LinkedIn post, Schmidt exposed how these individuals utilized stolen or fabricated identities to secure employment within American companies, with the ultimate goal of diverting wages to fund Pyongyang’s weapons development programs.
The sophisticated operation involves North Korean agents collaborating with ‘laptop farm’ operators—clusters of computers physically located in the United States but controlled remotely from abroad. Schmidt noted a concerning 30% surge in such fraudulent applications over the past year, indicating an escalating trend affecting the broader technology sector.
Amazon’s defense strategy employs a dual-layered approach combining artificial intelligence screening tools with human verification processes to identify suspicious patterns. Schmidt highlighted evolving tactics including the hijacking of dormant LinkedIn accounts through compromised credentials and the targeting of legitimate software engineers to enhance credibility.
This revelation follows significant Justice Department actions, including the June disclosure of 29 illegal laptop farms operated across the U.S. and the recent sentencing of an Arizona woman to eight years imprisonment for facilitating North Korean IT workers’ access to over 300 American companies. The scheme allegedly generated approximately $17 million in illicit revenue for both the operatives and the North Korean regime.
Security experts warn that this represents a systematic, industry-wide threat requiring enhanced vigilance in hiring practices, particularly regarding discrepancies in phone number formatting and educational background inconsistencies.