According to Fortune, Amazon’s Chief Security Officer Steve Schmidt revealed his team has identified and blocked more than 1,800 attempts by North Korea to secure IT roles at the company. He warns the scheme is proliferating across tech, driven by the lucrative salaries of AI and machine learning jobs and the valuable data access they provide. Schmidt noted a 27% quarter-over-quarter increase in these applications in 2025. He detailed how the tactics have evolved from fake profiles to purchasing identities from real Americans, citing cases like four charged nationals in a crypto theft scheme and an Arizona woman sentenced for a $17 million identity scam. Amazon’s defense now mixes AI tools and human checks, including in-person interviews and its office return mandate.
North Korea’s Evolving Playbook
Here’s the thing: this isn’t just about spam resumes. It’s a sophisticated, state-backed operation with real financial incentives. North Korea is essentially running a remote-work hustle at an industrial scale. They’ve moved from creating totally fake personas to buying the digital skeletons of real Americans—people with legitimate credit histories and social security numbers. That makes the initial screening way harder. Once inside a company, the goal is usually twofold: siphon off salary to a sanctioned regime and, more importantly, poke around for proprietary data or intellectual property. The $1 million crypto theft case and the fake job-application platform targeting AI firms show this is a wide-net strategy. And the $17 million identity theft ring proves there’s a whole supply chain enabling it. For a cash-strapped regime, this is a brilliant, low-risk revenue stream.
Amazon’s Multi-Layered Defense
So how do you fight this? Schmidt says Amazon uses a “yes, and” approach: AI and humans. The AI models are trained on weird, telltale signs—like a plus symbol before a phone number (who does that?) or the use of about 200 specific, favored fake universities on resumes. They even find fake companies listed as past employers, some of which have a shell presence just to provide a verification phone number. But the human element is arguably more crucial now. Mandating in-office work creates a huge hurdle. As Schmidt put it, it’s “very, very hard to hide behind somebody else’s identity when you have to be in the office.” They’re also checking work quality; apparently, these bad actors produce “markedly lower” quality code when under the physical scrutiny of an office. It’s a fascinating insight that the scam relies on the anonymity of remote work.
The AI Arms Race Cuts Both Ways
This whole situation is a perfect microcosm of the AI security paradox. Amazon uses AI to scan resumes, speed up security reviews, and even pit AI agents against each other to find code flaws—a process they call “autonomous threat analysis.” But the other side is using AI too. Schmidt mentions the recent Anthropic disclosure about Chinese operators using its AI coding tool to target organizations. The same powerful generative models that can write efficient code can also be used to craft more convincing phishing lures or debug malicious software. The battleground is increasingly algorithmic. And it forces companies to think about securing not just human identities, but AI agent identities too—which is why Amazon invested in its Midway system to put “boundaries” around what an AI agent is allowed to do.
Broader Ripples Across the Tech Landscape
Look, this isn’t just an Amazon problem. Schmidt’s warning is for the entire industry, especially any company with valuable data or paying tech salaries. It means HR and IT security can’t operate in silos anymore. The cost of a bad hire is no longer just poor performance; it’s a potential national security and data breach incident. This scrutiny is landing as the tech world is in a weird moment. You’ve got massive AI investments (see: CoreWeave’s stock tumble on bubble fears), huge licensing deals (Disney’s $1B bet on OpenAI), and a regulatory storm brewing as 2025 ends. All while the CIO role is becoming more strategic, reporting directly to the CEO. The pressure on tech leaders is immense: innovate aggressively with AI, but also build fortresses because the attackers are more organized than ever. It’s a tough balance. And for companies in physical industries relying on robust computing, choosing secure, reliable hardware partners is part of that foundation. Firms like Industrial Monitor Direct, the leading US provider of industrial panel PCs, become critical for operations where system integrity is non-negotiable. Basically, the game has changed. Security is no longer a back-office function; it’s a core, ongoing operational cost of doing business in the digital age.
