Inside the Shadow Network: North Korean IT Workers and Their PRC Backers

Remote work has unlocked new talent—but also new vulnerabilities. North Korean IT professionals, using false or stolen identities, have secured roles at companies in the U.S. and other Western nations.

Often posing as freelance developers or engineers, these individuals are part of a state-directed effort to access sensitive data and generate revenue for the DPRK—funds that are used to support prohibited weapons programs and evade international sanctions.

In recent months, the U.S. Department of Justice indicted 14 DPRK nationals for a global fraud campaign, and the Treasury Department sanctioned multiple entities involved. The FBI continues to issue alerts to businesses.

Strider’s latest report goes deeper.

It reveals how the People’s Republic of China (PRC) has enabled these operations—and identifies 35 PRC-based organizations that may be materially supporting DPRK-linked activity, exposing Western companies to real compliance and security risks.

Key Points:

Learn how IT workers are using fraudulent identities and freelance platforms to get hired by Western companies.
Exclusive, real-world examples of infiltration into U.S. firms
Understanding the serious financial, IP, and reputational risks when hiring fraudulent workers - especially those linked to the DPRK - for Western businesses.

Inside the Shadow Network: North Korean IT Workers and Their PRC Backers

Strider’s latest report goes deeper.

Get the Full Report