Federal authorities say that thousands of information technology workers contracting with U.S. companies secretly sent millions of dollars of their wages to North Korea for use in its ballistic missile program
That would require a background investigation along the lines of one the US government conducts for SECRET clearances and above. This was the private sector, not even government contracting. HR isn’t going to probe anybody’s background that deeply (and even basic tradecraft training would hide any of the signs from them).
Is it the employer’s responsibility to determine that somebody is or is not a spy? Like the scam here was to do the actual job and send money back, not to steal company information etc. companies have legal obligations to make sure people are authorized to work in the US etc, but the government sets those standards. If you’ve got convincing enough paperwork, it’s the governments job to enforce this stuff, not the employer.
That said, I’ve interviewed several remote people who were clearly using fake identities and also clearly didn’t have the skills for the job. Seems obvious their scam was to just collect a paycheck doing nothing, so if that’s the same group, then the employers bear some fault for hiring unqualified people… but on the other hand if the North Koreans were actually doing the jobs they were paid for, no reason the company should care.
It sounds like the companies did a shitty job of hiring and didn’t confirm that these people weren’t spies.
That would require a background investigation along the lines of one the US government conducts for SECRET clearances and above. This was the private sector, not even government contracting. HR isn’t going to probe anybody’s background that deeply (and even basic tradecraft training would hide any of the signs from them).
Is it the employer’s responsibility to determine that somebody is or is not a spy? Like the scam here was to do the actual job and send money back, not to steal company information etc. companies have legal obligations to make sure people are authorized to work in the US etc, but the government sets those standards. If you’ve got convincing enough paperwork, it’s the governments job to enforce this stuff, not the employer.
That said, I’ve interviewed several remote people who were clearly using fake identities and also clearly didn’t have the skills for the job. Seems obvious their scam was to just collect a paycheck doing nothing, so if that’s the same group, then the employers bear some fault for hiring unqualified people… but on the other hand if the North Koreans were actually doing the jobs they were paid for, no reason the company should care.