The Global Threat

In addition to threats from Russia, China, and Iran, the FBI protects the United States from the hostile intelligence activities of Cuba, Venezuela, North Korea, and various other countries.

Intelligence services from these countries pose a diverse set of threats, to include espionage, foreign influence operations, transnational repression, sanctions evasion, and illegal procurement of sensitive technology.

The FBI maintains an agile posture against these constantly evolving threats through proactive collaboration with all 56 field offices and the National Counterintelligence Task Force (NCITF).

Trend alert

The Democratic People’s Republic of North Korea (DPRK) IT Worker Schemes

North Korea continues to exploit vulnerabilities in the workforce realm, particularly through their remote IT worker scheme. This elaborate operation targets unsuspecting companies and government agencies by placing North Korean citizens into remote roles to advance the regimes strategic and financial objectives. Utilizing stolen identities and posing as non-Korean nationals, generates revenue for the regime while simultaneously evading detection.  

Many companies, ranging from Fortune 500 companies to U.S. government agencies, have unwittingly hired North Koreans generating millions of dollars for the DPRK, at their expense, and creating a serious counterintelligence threat.  Once embedded in U.S. companies/agencies, these actors can steal sensitive data and extort their victims- creating an insider risk that directly threatens U.S. national and economic security.

1. DPRK IT worker purchases access to a proxy account or hires a third party as a proxy to obscure identity.

2. Fraudulent or altered identification and credentials are submitted for accounts on freelance work platforms.

3. Fraudulent or altered identification and credentials are submitted for accounts on digital payment services.

4. DPRK IT worker wins a contract from an unwitting client on the freelance platform.

5. Client provides equipment to and interacts with the DPRK IT worker directly or with the DPRK IT worker's proxy.

6. Client processes payments for the completed contracts to the DPRK IT worker's fraudulent account.

Overview of DPRK IT worker operations. Source: U.S. Department of the Treasury

News

Stories, speeches, testimony, and press releases highlight the threat our global adversaries pose to our economic and national security.

Industry alerts

Industry alerts illustrate the threat our global adversaries pose to our nation’s safety and security in a digitally connected world. Material is intended for industry professionals and subject matter experts.

Resources

The small island nation of Cuba, just 90 miles from the U.S., utilizes an effective counterintelligence strategy to thwart American assets. In this roundtable discussion, FBI officials from the Counterintelligence and Espionage Division discuss the history—and current events—of dealing with Cuban spies.

Transcript / Visit Video Source

Related pages

Wanted by the FBI

These fugitives are wanted for crimes committed against Americans and U.S. interest, some of which that occurred on behalf of our global adversaries.