North Korea’s IT Scheme Functions Like An Organized Crime Syndicate

A new report has revealed the organized and systemic nature of North Korea’s cybercrime operations, which function much like a global crime syndicate.

The broader IT fraud operation allegedly run by the regime generates between $250 million and $600 million annually.

The regime recruits skilled IT workers who impersonate Western citizens to secure remote jobs in U.S. and European companies, then funnel most of their earnings back to Pyongyang to fund Kim Jong Un’s nuclear program, Amanda Gerut reported for Fortune Tech.

The report—published by cybersecurity firm DTEX—details how the operation escalated this year, with 90 elite graduates recruited into a newly established AI research center and required to double their monthly remittances.

According to UN estimates, the broader IT fraud operation generates between $250 million and $600 million annually.

Separately, North Korean hacking units under the Advanced Persistent Threat umbrella have stolen over $3 billion in cryptocurrency, with intelligence shared across different teams.

Pressure to deliver income has led to the rise of “side hustles,” which are tolerated so long as workers continue to increase their revenue, the report said.

“Cyber operatives are not motivated by ideology but by basic material needs—food, shelter, healthcare, and education for their families,” said Michael “Barni” Barnhart, lead investigator for DPRK activity at DTEX. “Loyalty is not the core driver. Survival is.”