글쓴이 /
Banner image illustrating AI cybercrime sanctions on North Korea, featuring symbolic visuals including an AI head, a laptop with code, the North Korean flag, and a digital currency coin, styled in navy blue, soft gold, light gray, and teal brand colors.

U.S. Sanctions North Korea’s AI-Powered Cyber Scheme

Intermediate | July 15, 2025

혼자서 기사를 소리 내어 읽거나 튜터를 따라 각 단락을 반복해서 읽으세요. 레벨...

Uncovering the AI Cyber Threat

U.S. Targets North Korean Cyber Operative

The United States recently took strong action through AI cybercrime sanctions on North Korea against a major cyber scheme. This advanced plot used artificial intelligence (AI) to earn money for North Korea’s weapons programs and to spy on other countries. On July 8, 2025, the U.S. Department of the Treasury’s OFAC sanctioned Song Kum Hyok, a North Korean cyber operative. He is believed to be part of the hacking group Andariel and is accused of running a fake IT worker program. He was even linked to an attempt to hack the U.S. Department of the Treasury itself.

How the Scheme Works and Its Impact

How North Korean Workers Infiltrate Companies

North Korea sends thousands of skilled IT workers around the world, especially to China and Russia. These workers hide who they really are by using stolen personal information from Americans, like names, Social Security numbers, and addresses. They then get remote jobs at foreign companies without the companies knowing, even at big Fortune 500 companies or those in tech and cryptocurrency. The money they earn, often paid in digital currencies like USDC or USDT, is then cleaned through complex financial systems and sent back to North Korea. This money helps fund their illegal weapons and missile programs.

Use of AI to Enhance Deception

Since 2024, these North Korean IT workers have started using AI to make their operations bigger and more advanced. They use AI tools to create fake profile photos, employ “deepfakes” for video interviews, overcome language differences, and change images on stolen identity documents. This makes it much harder for companies to detect them.

Financial and Security Consequences

The impact of this scheme is significant. From 2020 to 2022, over 300 U.S. companies unknowingly hired these North Korean workers. There were also attempts to get information from two U.S. government agencies. More recently, in the first half of 2025, North Korea was responsible for about \$1.6 billion in cryptocurrency losses globally. A large part of this, \$1.5 billion, came from the major Bybit hack.

International Sanctions and Legal Action on AI Cybercrime

In addition to Song Kum Hyok, the U.S. also sanctioned Gayk Asatryan, a facilitator based in Russia, and four companies (two in Russia, two in North Korea) involved in sending out these IT workers. The Department of Justice also filed a complaint on June 5, 2025, to seize over \$7.7 million in cryptocurrency and digital assets linked to this money laundering network.

The Role of Research Center 227

North Korea has even created a special facility called “Research Center 227.” This center focuses on cybercrime with AI, operating 24 hours a day, 7 days a week, and working with the government’s Reconnaissance General Bureau (RGB). It has at least 90 cybersecurity experts in Pyongyang, whose goal is to develop powerful hacking technologies and programs using AI for cyberattacks, fraud, and gathering information.

Vocabulary

  1. sanctioned (verb): Officially approved or punished an action or person, often by limiting trade or other exchanges.
    • Example: “The U.S. government sanctioned the individual for their involvement in illegal activities.”
  2. operative (noun): A person who works for a government agency or organization, often secretly.
    • Example: “The cyber operative was skilled at hiding his true identity.”
  3. fraudulent (adjective): Intended to deceive; dishonest or false.
    • Example: “He ran a fraudulent scheme to trick companies into hiring fake workers.”
  4. obfuscate (verb): To make something unclear or difficult to understand, often intentionally.
    • Example: “The workers tried to obfuscate their true identities using stolen information.”
  5. illicit (adjective): Forbidden by law, rules, or custom; illegal.
    • Example: “The illicit revenue was used to fund illegal weapons programs.”
  6. leveraged (verb): Used something to maximum advantage.
    • Example: “The hackers leveraged AI tools to make their operations more sophisticated.”
  7. deepfakes (noun): Images or videos that have been realistically altered or manipulated to misrepresent someone as doing or saying something that was not actually done or said.
    • Example: “During video interviews, they used deepfakes to appear as different people.”
  8. forfeiture (noun): The loss or giving up of something as a penalty for wrongdoing.
    • Example: “The government filed a complaint seeking the forfeiture of illegally obtained cryptocurrency.”
  9. infrastructure (noun): The basic physical and organizational structures and facilities (e.g., buildings, roads, power supplies) needed for the operation of a society or enterprise.
    • Example: “North Korea built a special infrastructure to support its cybercrime activities.”
  10. reconnaissance (noun): Preliminary surveying or research; military observation of a region to locate an enemy or determine strategic features.
    • Example: “The center coordinates with a bureau focused on reconnaissance and intelligence gathering.”

Discussion Questions (About the Article)

  1. What is the main goal of North Korea’s AI-driven cyber scheme?
  2. How do North Korean IT workers hide their identities when seeking remote jobs?
  3. What specific AI tools are mentioned that these workers use to improve their operations?
  4. According to the article, how much cryptocurrency was North Korea responsible for losing in the first half of 2025?
  5. What is “Research Center 227” and what is its purpose?

Discussion Questions (About the Topic)

  1. How can individuals and companies protect themselves from schemes that use stolen identities and AI?
  2. Why do you think North Korea relies so heavily on cybercrime for revenue?
  3. What are the biggest challenges in stopping international cyber schemes like the one described?
  4. Do you think AI will make cybercrime easier or harder to detect in the future? Why?
  5. How important is international cooperation in fighting global cyber threats?

Related Idiom

A cat and mouse game

  • Meaning: A situation in which two opponents repeatedly pursue, capture, and escape each other.
  • Example: “The ongoing efforts to sanction North Korea’s cyber schemes against their constant adaptation feels like a cat and mouse game.”

📢 Want more tips like this? 👉 Sign up for the All About English Mastery Newsletter! Click here to join us!

Join the English Mastery Club — your place to practice, grow, and connect with others mastering English just like you!

Follow our YouTube Channel @All_About_English for more great insights and tips.

This article was inspired by: CBS News, July 9, 2025

Related Posts

댓글 달기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다


ko_KR한국어
en_USEnglish ko_KR한국어
위로 스크롤