North Korea's successful breach into US companies for espionage

In June 2025, the US Department of Justice (DOJ) revealed that North Korean operatives had stolen the identities of 80 Americans while applying for remote jobs at more than 100 US firms, including Fortune 500 companies. While the breach centered on identity theft, experts warn that digital identities can erode over time, weakening trust in authentication systems. According to the DOJ, the scheme caused at least $3 million in losses to US companies — a figure analysts say may is likely just the beginning.

North Korea’s cyber warfare capabilities have transformed into an instrument of national power, as an article published by The National Interest argues that they integrate espionage, financial crime, and sanctions during an enduring campaign, rather than episodic attacks.

Historically, the North Korean threat to the United States was primarily associated with its military arsenal, particularly its testing of intercontinental ballistic missiles (ICBMs). Although smaller in scale than America’s arsenal, those weapons are capable of reaching the US homeland.

Today, cyber warfare has become increasingly sophisticated. In the recent cases cited by the DOJ, North Korean operatives allegedly deceived employers into believing they were located in the United States, when many were in fact operating from North Korea or China. Wages earned through the fraudulent employment were reportedly funneled into accounts controlled by the regime, helping Pyongyang circumvent sanctions and finance its weapons programs.

According to the article, the operation highlights broader vulnerabilities in digital identity verification systems. The individuals involved were reportedly able to bypass corporate authentication safeguards. US companies are required to verify the identities of employees and confirm their legal authorization to work in the country, yet the case exposed weaknesses in those processes.

The publication frames North Korea’s activities as part of a wider cyber threat landscape. It notes that China emphasizes persistence in cyber operations, Russia often seeks to sow disruption, and North Korea blends both approaches while monetizing its efforts. The growing sophistication of artificial intelligence is expected to further complicate the challenge, potentially giving adversaries new tools to exploit vulnerabilities.

Their analysis also recalls that during this year’s 43-day US government shutdown, federal agencies and employees were subjected to more than 555 million cyberattacks. According to the publication, adversaries used the disruption as an opportunity to exploit gaps in cyber workforce readiness. It raises the question of how the United States would withstand a full-scale cyber assault in the event of a conflict with a near-peer competitor.

Arguing that cybersecurity is inseparable from national security, The National Interest calls for more disciplined execution of existing capabilities.

"Rather than the familiar pledge to 'do everything we can,' the United States should first recognize its strengths in the cyber domain. The United States has a deep bench of cybersecurity tools but a lack of rigor when it comes to implementation. Furthermore, companies must continue to collaborate and find ways to work together on cyber defense," the article notes.

By Nazrin Sadigova