© 2023 St. Louis Public Radio
Play Live Radio
Next Up:
0:00 0:00
Available On Air Stations

FBI St. Louis seizes domains, disrupts funding to North Korean weapons programs

A White man with close cropped hair, wearing a gray suit and a blue tie, stands in front of an American flag and a wall decorated with FBI St. Louis decals.
Tristen Rouse
St. Louis Public Radios
Special Agent in Charge Jay Greenberg speaks during a press conference on Wednesday at the FBI’s St. Louis field office.

The FBI's St. Louis office announced Wednesday that it seized 17 website domains and $1.5 million in funding that North Korea has used to evade sanctions and produce ballistic missiles and weapons of mass destruction.

The agency said at a press conference Wednesday that North Korea used IT workers by hiding their identities and having U.S. companies unknowingly hire them. Workers stole those companies’ intellectual property, data and money to use toward weapons in North Korea.

St. Louis Special Agent in Charge Jay Greenberg said there have been victims in St. Louis, but officials declined to provide more details. According to the FBI, companies in St. Louis unwittingly contributed hundreds of thousands of dollars to North Korea’s nuclear weapons program.

Greenberg said once foreign IT workers have access to domains, an “insider threat” is posed.

“If it seems too good to be true that you’re being paid by someone you don’t know for access to use your technology, then it probably is,” Greenberg said.

FBI leaders said schemers use facilitators — most of whom are located in China and some in North Korea — who either unwittingly or wittingly facilitate who they allow on their internet databases.

Schemers also impersonate people by using their addresses and other identifiable information. Red flags in hiring can include a person being unwilling to appear on camera for video interviews or video meetings and undue concern about meeting in person or completing a drug test, the FBI reports.

FBI leaders encouraged companies to be careful about whom they hire and allow to access their IT systems.

Scott Baucum is a vice president for Bayer, which was not a victim of the scam. But he said the FBI warnings did help identify potential problems and report them.

“I would recommend that any company that's out there receiving these [warnings] read these timely, take them seriously and then follow through in your own organization in your own specific ways,” Baucum said.

A White man, wearing a navy pinstriped suit and blue tie with close-cropped hair, speaks at a podium. Behind him is an FBI flag, and another man in a suit observes him
Tristen Rouse
St. Louis Public Radios
Scott Baucum, vice president of special compliance and asset protection at Bayer U.S., speaks during a press conference on Wednesday at the FBI’s St. Louis field office.

How can companies protect themselves?

The FBI suggests employers:

• Request documentation of background checks or conduct their own background checks for IT workers.

• Do not accept background check documentation provided by untrusted or unknown authorities.

• Verify that the check and routing number match an actual bank and do not belong to a money service business.

• Request voided checks or certified documentation from their financial institution.

• Prevent remote desktop protocol from being used on all company devices and don’t allow use of remote desktop apps for work.

Lacretia Wimbley is a general assignment reporter for St. Louis Public Radio.
Jonathan is the Rolla correspondent for St. Louis Public Radio.