Enemies By Design: How The US And USSR Shaped Each Other's Identity

 Heraldviews with Agency report

North Korean operatives posing as freelance IT workers are infiltrating companies across Europe, according to a new report from Google's Threat Intelligence Group (GTIG). The researchers warn these agents, part of Pyongyang's notorious Lazarus Group, are using sophisticated fake identities to gain employment, particularly in defence and government sectors.

The report details how one North Korean operative created at least 12 fake personas while applying for jobs at multiple European organizations. These "IT warriors" forge professional references, fabricate work histories, and even use secondary fake profiles to vouch for their credibility. Many falsely claim nationalities from countries including Italy, Japan, the United States and Ukraine to avoid detection.

Germany, Portugal and the UK have all been targeted, with the operatives securing contracts in fields ranging from web development to blockchain technology through freelance platforms like Upwork and Freelancer. Cybersecurity experts warn this access could enable corporate espionage, intellectual property theft, and potential system sabotage.

Of particular concern are companies with "bring your own device" policies, where personal laptops lacking corporate security monitoring create vulnerabilities. GTIG researchers noted these BYOD environments are being actively exploited by the North Korean operatives.

The operation relies on an expanding global network of facilitators who help agents bypass identity checks, process fraudulent payments, and provide local support. Recent investigations have uncovered new nodes of this network in the UK.

Analysts suggest economic sanctions may be driving more aggressive tactics, with operatives under pressure to generate foreign currency for the North Korean regime. The Lazarus Group, believed to be behind the operation, recently made headlines for amassing Bitcoin holdings that surpassed those of Tesla.

A UK National Cyber Security Centre spokesperson confirmed they are working with industry partners to counter the threat. The revelations come amid heightened warnings from Western intelligence agencies about increasing cyber aggression from state-aligned groups, following recent reports of Russian hackers targeting European political institutions ahead of key elections.