North Korea May Be Secretly Selling Face Recognition Tech Abroad Through Front Companies

Photo: AP

Security researchers have unearthed an elaborate scheme of North Korean front companies secretly suppling advanced biometric recognition and encryption software to countries around the world. In a new report, researchers at the James Martin Center for Nonproliferation Studies say North Korea uses a web of freelancing sites, shell companies, and difficult to trace aliases to circumvent international sanctions and, most troublingly, embed state software into foreign companies, including “at least one reputable defense firm in a U.S.-allied country.”

Titled “The Shadow Sector: North Korea’s Information Technology Networks,” the report was produced by researchers from the Middlebury Institute of International Studies at Monterey. The researchers investigated the Korea Aprokgang Technology Company, a network of North Korean IT companies specializing in fingerprint scanners and facial recognition software. Though the Beijing-based arm of the network was penalized by the UN for violating sanctions, researchers found North Korean shell companies providing tech in Russia, Malaysia and Nigeria.

Advertisement

“Despite the sanctions regime, Korea Aprokgang and its affiliate companies... are able to successfully form diverse corporate partnerships and develop business in the global market for biometric security products and software,” the report notes. “Crucially, it appears that a key part of their business is not the sale of physical devices, but of intangible technology transfer. This shift will only make it harder for investigators to uncover the activities of this network and others involved in the North Korean IT sector.”

The report continues with a series of case studies tying freelancers and manufacturers worldwide to the Korea Aprokgang Technology Company, most infamous among them Global Communications. Abbreviated as “Glocom,” the radio equipment vendor was exposed as a North Korean spy agency operating in Malaysia. Among Glocom’s partners was Future Tech Group, another shell company who claims to have sold biometric technology to U.S.-allied Turkey and Switzerland as well as to at least one “U.S. primary school.”

Advertisement

The report paints a picture of a sprawling and invisible network, with shell companies claiming to be in operation in “China, Japan, Malaysia, India, Pakistan, Thailand, UAE, UK, Germany, France, Russia, Canada, Argentina, Nigeria and other countries.” The report concludes that the online-ness of it all makes the network harder to stop.

“Intangible forms of revenue generation, like North Korea’s sale of algorithms or any software development offshoring, are also intrinsically harder to stem than tangible ones,” the researchers conclude. “At present, it seems that many affected clients have unwittingly engaged North Koreans. While the level of access Pyongyang may have into their customers’ systems and data depends upon the services rendered, there is demonstrated potential for North Korea to exploit these relationships for its cyber activities.”

Advertisement

[NPR]

Share This Story

About the author

Sidney Fussell

Of course I have pages. I had pages five years ago. How anyone can believe I don’t defies belief.

EmailTwitterPosts
PGP Fingerprint: 6595 DBB6 1A35 1D33 2459 1643 3315 A092 4BA2 05E1