1 00:00:03,640 --> 00:00:07,400 S1: Investigative reporter Nick McKenzie logged on to the Zoom meeting 2 00:00:07,440 --> 00:00:12,160 S1: to meet the man who said he was Aaron Pearson. McKenzie, too, 3 00:00:12,200 --> 00:00:15,720 S1: was hiding his real identity, pretending to be a recruiter 4 00:00:15,720 --> 00:00:19,360 S1: for an Australian tech company. The whole thing was a setup, 5 00:00:19,560 --> 00:00:22,720 S1: a trap for someone McKenzie suspected to be a spy 6 00:00:22,760 --> 00:00:27,440 S1: for North Korea. I'm Samantha Cylinder Morris, and you're listening 7 00:00:27,480 --> 00:00:30,360 S1: to Morning Edition from the Age and The Sydney Morning 8 00:00:30,360 --> 00:00:34,559 S1: Herald today. Nick McKenzie on the new way that spies 9 00:00:34,600 --> 00:00:39,040 S1: are targeting Australian businesses. And what happened in that Zoom call. 10 00:00:44,280 --> 00:00:47,400 S1: So ASIO has told you that North Korean spies have 11 00:00:47,400 --> 00:00:50,880 S1: infiltrated companies in Australia, using what you've described as an 12 00:00:50,880 --> 00:00:53,040 S1: ingenious method. Tell us about this. 13 00:00:54,320 --> 00:00:58,200 S2: Well, just how ingenious it is is perhaps open to debate, 14 00:00:58,200 --> 00:01:02,260 S2: but it's certainly malicious and it's certainly at vast scale. 15 00:01:02,260 --> 00:01:05,059 S2: So what's happening? The North Koreans need money. Kim Jong 16 00:01:05,100 --> 00:01:08,819 S2: un has a, as we know, uh, illicit weapons program, 17 00:01:08,819 --> 00:01:13,500 S2: nuclear ballistic and other. It needs to fund that. North 18 00:01:13,500 --> 00:01:16,660 S2: Korea is also on a mission to steal sensitive commercial 19 00:01:16,660 --> 00:01:20,580 S2: IP defense IP from Western nations across the world. And 20 00:01:20,580 --> 00:01:23,860 S2: ultimately it wants leverage points, not just weapons, but if 21 00:01:23,860 --> 00:01:27,540 S2: it can go and sabotage companies involved in vital infrastructure. 22 00:01:27,540 --> 00:01:29,420 S2: These are all things the North Koreans want. Now, what 23 00:01:29,420 --> 00:01:32,700 S2: North Korea has done is deploy an army of agents 24 00:01:32,860 --> 00:01:39,060 S2: who are pretending to be non-north Koreans. So American, Western European, 25 00:01:39,260 --> 00:01:44,380 S2: South Asian, Southeast Asian, remote IT workers offering themselves out 26 00:01:44,380 --> 00:01:48,140 S2: as job applicants at major companies and small companies and saying, 27 00:01:48,140 --> 00:01:50,620 S2: we can work for your Australian company. Well, one little thing, 28 00:01:50,620 --> 00:01:52,620 S2: we'll have to work offshore. Just think of it as 29 00:01:52,620 --> 00:01:54,700 S2: a stay at home workout. We'll work in your IT 30 00:01:54,740 --> 00:01:57,580 S2: department or as an IT contractor, or through an IT 31 00:01:57,580 --> 00:02:00,380 S2: contractor third party, and you'll be none the wiser that 32 00:02:00,380 --> 00:02:02,760 S2: we are, in fact a North Korean agent. The money 33 00:02:02,760 --> 00:02:04,800 S2: you pay us goes straight back to the regime of 34 00:02:04,840 --> 00:02:08,000 S2: Kim Jong un. And once we're in your systems, once 35 00:02:08,000 --> 00:02:13,040 S2: we're in your networks, we can steal your secrets. And 36 00:02:13,400 --> 00:02:16,799 S2: worst case scenario, engage in acts of sabotage if and 37 00:02:16,800 --> 00:02:20,200 S2: when the need arises. Now, no less than the Director-General 38 00:02:20,200 --> 00:02:23,160 S2: of security, the head of ASIO, Mike Burgess, has sounded 39 00:02:23,160 --> 00:02:26,680 S2: the alarm that Australian companies have been infiltrated. His investigators 40 00:02:26,680 --> 00:02:30,079 S2: have found this going on in Australia. It's a real, 41 00:02:30,080 --> 00:02:31,280 S2: clear and present danger. 42 00:02:33,919 --> 00:02:35,880 S1: Okay, well, this is what I wanted to ask you, 43 00:02:35,880 --> 00:02:37,799 S1: because you said that it's actually rare to get an 44 00:02:37,800 --> 00:02:40,120 S1: invite into the ASIO building. This, of course, is our 45 00:02:40,120 --> 00:02:43,600 S1: leading spy agency. But not only did ASIO boss Mike 46 00:02:43,600 --> 00:02:46,700 S1: Burgess invite you in, but he invited the whole 60 47 00:02:46,700 --> 00:02:50,000 S1: minutes video crew into the building to film your interview. 48 00:02:50,000 --> 00:02:52,799 S1: So is this an indication of how damaging you know, 49 00:02:52,840 --> 00:02:55,720 S1: these North Korean spies are potentially to Australians? And what 50 00:02:55,720 --> 00:02:58,560 S1: exactly is at stake here? Like, what threat do they 51 00:02:58,560 --> 00:03:00,040 S1: pose to anyone who's listening? 52 00:03:00,680 --> 00:03:04,100 S2: Well, I think the reason that they're normally very secretive 53 00:03:04,139 --> 00:03:07,020 S2: ASIO and it is extremely rare to get access to 54 00:03:07,060 --> 00:03:10,619 S2: ASIO and its Director-General. Open the doors on this occasion 55 00:03:10,620 --> 00:03:14,140 S2: is because the spy agency by itself, with its partners, 56 00:03:14,139 --> 00:03:16,740 S2: the AFP and others, can only do so much for 57 00:03:16,780 --> 00:03:20,940 S2: Australia to actually properly combat these malicious actors. We've got 58 00:03:20,940 --> 00:03:22,860 S2: to get on the front foot. And that's not the 59 00:03:22,860 --> 00:03:25,299 S2: job of the spies, the spooks and the cops. It's 60 00:03:25,300 --> 00:03:27,980 S2: the job of the companies and the communities. How dangerous 61 00:03:28,020 --> 00:03:31,100 S2: is it? Well, the world is a more hostile and 62 00:03:31,100 --> 00:03:34,900 S2: more complex place arguably than ever before. We know North 63 00:03:34,900 --> 00:03:37,460 S2: Korea wishes to do the West harm. We know North 64 00:03:37,460 --> 00:03:41,940 S2: Korea is building stockpiles of terribly destructive weapons. We know 65 00:03:41,940 --> 00:03:45,820 S2: North Korea already has very active cyber operations across the world, 66 00:03:46,100 --> 00:03:51,180 S2: seeking to infiltrate Western companies, Western governments to steal secrets 67 00:03:51,740 --> 00:03:55,420 S2: most significantly, once. And this is the danger of the 68 00:03:55,420 --> 00:03:58,340 S2: cyber digital economy world in which we now all live. 69 00:03:58,340 --> 00:04:01,200 S2: Once a hostile actor, a North Korean agent is in 70 00:04:01,200 --> 00:04:05,840 S2: your systems. They can do untold damage. We've seen what 71 00:04:05,840 --> 00:04:09,760 S2: happens when large organizations are hacked. We've seen systems go down. 72 00:04:09,760 --> 00:04:14,000 S2: We've seen hospitals and places providing acute services, much needed 73 00:04:14,000 --> 00:04:19,599 S2: services held to ransom. These are all massive sabotage like dangers. 74 00:04:19,800 --> 00:04:21,920 S2: And that's bad enough. It's not just that you're funding 75 00:04:21,920 --> 00:04:24,080 S2: the North Korean regime when you employ these North Korean 76 00:04:24,120 --> 00:04:28,120 S2: agents unwittingly. But the risk is you're also giving up 77 00:04:28,160 --> 00:04:31,200 S2: your commercial secrets. It could be secrets that are sensitive 78 00:04:31,200 --> 00:04:34,800 S2: to national security, but also you could be compromising. If 79 00:04:34,839 --> 00:04:38,839 S2: you say a company working in critical infrastructure, you could 80 00:04:38,839 --> 00:04:41,960 S2: be compromising national security that way because of the risk 81 00:04:41,960 --> 00:04:46,839 S2: that these same remote IT secret agents can work as 82 00:04:46,839 --> 00:04:48,120 S2: saboteurs down the track. 83 00:04:48,480 --> 00:04:52,000 S1: Okay. And ASIO actually has examples of Australian companies that 84 00:04:52,000 --> 00:04:55,640 S1: have been infiltrated by these North Korean spies. So tell 85 00:04:55,680 --> 00:04:56,480 S1: us about that. 86 00:04:57,960 --> 00:05:00,479 S2: Well, the director general of ASIO didn't say a great 87 00:05:00,480 --> 00:05:04,170 S2: deal about that Other than his investigators have found these 88 00:05:04,170 --> 00:05:07,810 S2: threat actors. They found them operating in Australia because we're 89 00:05:07,810 --> 00:05:11,210 S2: talking about essentially criminal acts. It's one for the AFP. 90 00:05:11,570 --> 00:05:14,090 S2: So these matters have been referred to the federal police. 91 00:05:14,130 --> 00:05:17,610 S2: We have detects a cyber company that's leading the charge 92 00:05:17,610 --> 00:05:20,770 S2: here in this nation, protecting the private sector. Also referring 93 00:05:20,770 --> 00:05:23,450 S2: matters to the AFP. We know there are live AFP 94 00:05:23,490 --> 00:05:27,529 S2: assessments and or investigations into these threat actors here operating 95 00:05:27,529 --> 00:05:31,410 S2: in Australia, either from a remote location or in some cases, 96 00:05:31,810 --> 00:05:37,210 S2: onshore in Australia. The most prominent case that we uncovered 97 00:05:37,210 --> 00:05:41,089 S2: involved the National Australia Bank, the NAB, one of the 98 00:05:41,089 --> 00:05:43,930 S2: big four banks. It found one of these North Korean 99 00:05:43,930 --> 00:05:47,570 S2: agents had infiltrated its workforce, posing as a remote IT worker, 100 00:05:47,570 --> 00:05:50,610 S2: albeit through a third party contractor identified the threat it 101 00:05:50,610 --> 00:05:52,610 S2: got rid of the actor. But the point to be 102 00:05:52,610 --> 00:05:57,089 S2: made is if a very sophisticated beast like the NAB, 103 00:05:57,130 --> 00:06:00,810 S2: with all its cyber and security controls, can be so 104 00:06:00,870 --> 00:06:04,669 S2: easily infiltrated. Think how the rest of our tech, commercial, 105 00:06:04,670 --> 00:06:08,870 S2: financial services, defense sectors are exposed, and even more so 106 00:06:08,870 --> 00:06:11,630 S2: when there are players without those controls that the NAB 107 00:06:11,950 --> 00:06:13,469 S2: and other big players naturally have. 108 00:06:16,110 --> 00:06:19,029 S1: Okay, well, let's get into how these North Korean spies 109 00:06:19,029 --> 00:06:23,310 S1: have actually infiltrated companies in Australia and elsewhere. Perhaps you 110 00:06:23,310 --> 00:06:25,910 S1: can just tell us about how you actually caught one 111 00:06:25,910 --> 00:06:28,470 S1: of these operatives in the act. What happened? 112 00:06:28,950 --> 00:06:31,030 S2: Well, we know there are thousands of North Korean agents 113 00:06:31,029 --> 00:06:35,030 S2: posing as these remote IT workers. They're using networks of 114 00:06:35,029 --> 00:06:39,710 S2: intermediaries who play certain roles in this scheme. There are 115 00:06:39,870 --> 00:06:41,630 S2: managers of the scheme. Think of them as, I guess, 116 00:06:41,670 --> 00:06:44,710 S2: as more senior agents or more senior spies calling the shots. 117 00:06:45,390 --> 00:06:48,030 S2: There's a system that's been put into place and developed, 118 00:06:48,029 --> 00:06:50,670 S2: and it's developing in time. So, for instance, one of 119 00:06:50,670 --> 00:06:53,830 S2: the more recent developments is the North Koreans are using AI. 120 00:06:53,870 --> 00:06:57,790 S2: The AI programs create resumes. They scoured the internet looking 121 00:06:57,790 --> 00:07:03,250 S2: for remote IT job opportunities. The AI programs initially sometimes 122 00:07:03,250 --> 00:07:06,570 S2: interact with recruiters as if they're a real person once 123 00:07:06,570 --> 00:07:09,330 S2: they get through the door. Then the North Korean agent, 124 00:07:09,330 --> 00:07:13,130 S2: who's a well trained operative who speaks pretty good English 125 00:07:13,570 --> 00:07:16,250 S2: and is trained to say, I'm actually stationed right now. 126 00:07:16,250 --> 00:07:19,050 S2: In the case of the operative that I encountered in 127 00:07:19,050 --> 00:07:22,850 S2: San Jose, California. Then the operative steps in and conducts 128 00:07:22,850 --> 00:07:25,570 S2: the job interview and hopefully lands the job. So knowing 129 00:07:25,570 --> 00:07:28,930 S2: all that, we actually set up a trap. We knew 130 00:07:28,970 --> 00:07:31,970 S2: the sorts of jobs the North Koreans were after. We 131 00:07:32,010 --> 00:07:36,730 S2: advertised one of those jobs using a friendly recruiter, in fact, 132 00:07:36,730 --> 00:07:39,410 S2: working for us. And we were partnered. We did this 133 00:07:39,410 --> 00:07:42,890 S2: with Dtex, the cyber company that's leading the charge, fighting 134 00:07:42,890 --> 00:07:46,410 S2: these malicious actors. Put the job out there. Sure enough, 135 00:07:46,450 --> 00:07:49,170 S2: AI interacts with what looks like AI interacts with us 136 00:07:49,170 --> 00:07:52,050 S2: saying yes, love to go for this role. I'm a 137 00:07:52,090 --> 00:07:56,929 S2: Californian based IT professional. This is my resume and keen. 138 00:07:56,970 --> 00:07:59,930 S2: Let's do the interview. There were some things about that 139 00:07:59,930 --> 00:08:02,950 S2: identity used. We knew that was an identity that had 140 00:08:02,950 --> 00:08:05,830 S2: been used previously in North Korean operations, so we had 141 00:08:05,830 --> 00:08:07,710 S2: a very good sense. This was likely to be a 142 00:08:07,710 --> 00:08:12,110 S2: North Korean operation, but we didn't know until that interviewee 143 00:08:12,150 --> 00:08:15,350 S2: appears the job applicant appears. So I take the place 144 00:08:15,350 --> 00:08:18,670 S2: as the recruiter I'm being secretly filmed. I say, hello, welcome. 145 00:08:18,910 --> 00:08:20,990 S2: I'm a recruiter and who are you and who pops 146 00:08:20,990 --> 00:08:23,070 S2: up on the screen? Well, the person had gone for 147 00:08:23,070 --> 00:08:25,990 S2: the job. His name is Aaron Pearson or his alias 148 00:08:26,030 --> 00:08:28,790 S2: is Aaron Pearson. And the photo I had of Aaron 149 00:08:28,790 --> 00:08:31,430 S2: Pearson was of a Black American. That was the person 150 00:08:31,430 --> 00:08:33,470 S2: we thought would be popping up on screen, because that 151 00:08:33,470 --> 00:08:36,350 S2: person had been involved in other job applications that were 152 00:08:36,390 --> 00:08:38,950 S2: of suspicion. In fact, what pops up or the person 153 00:08:39,070 --> 00:08:42,589 S2: that pops up is someone who looks Asian. Hello? Is 154 00:08:42,590 --> 00:08:43,430 S2: that Aaron? 155 00:08:43,830 --> 00:08:48,910 S3: Yeah. Hey. Sorry for being late. Yeah, that's okay to me. So, yeah. 156 00:08:49,630 --> 00:08:51,510 S2: They don't look like an Aaron Pearson. They certainly don't 157 00:08:51,510 --> 00:08:54,310 S2: look like Aaron Pearson, the black American on the resume. 158 00:08:54,309 --> 00:08:56,790 S2: I had already knew likely it was to be an operative, 159 00:08:57,510 --> 00:09:00,630 S2: so I had to test that theory. He went through 160 00:09:00,670 --> 00:09:02,890 S2: his technical expertise, but I then asked him, okay, are 161 00:09:02,890 --> 00:09:06,290 S2: you saying you were living in San Jose, California? Have 162 00:09:06,290 --> 00:09:09,569 S2: you been to Santa Cruz? That local surf break of yours? 163 00:09:10,010 --> 00:09:12,530 S2: He doesn't like sharks, he tells me. What about Big Sur, 164 00:09:12,570 --> 00:09:15,970 S2: that very famous landmark that. Think of the big Californian redwoods. 165 00:09:16,010 --> 00:09:20,209 S2: He wasn't overly okay with those, either. New York. He'd 166 00:09:20,210 --> 00:09:23,690 S2: lived there for three years. He could not name the 167 00:09:24,170 --> 00:09:29,010 S2: area in New York. Think about those famous New York areas. Manhattan, Brooklyn, 168 00:09:29,050 --> 00:09:32,130 S2: the Bronx. He could not name where he lived. All 169 00:09:32,130 --> 00:09:35,770 S2: he could say was on the west. Where are you living? 170 00:09:35,770 --> 00:09:36,850 S2: What's that? What suburb? 171 00:09:37,650 --> 00:09:39,170 S3: Uh. I'm sorry. 172 00:09:39,330 --> 00:09:40,850 S2: Where in New York did you live? 173 00:09:42,050 --> 00:09:44,370 S3: I'm in west coast of the New York. I mean, 174 00:09:44,410 --> 00:09:46,650 S3: west part of the New York area. 175 00:09:47,770 --> 00:09:51,689 S2: The more I drilled, the more stilted he became. Finally 176 00:09:51,690 --> 00:09:53,210 S2: I said to him, well, you don't look like the 177 00:09:53,210 --> 00:09:56,370 S2: Aaron Pearson, who I believe is the real Aaron Pearson. 178 00:09:57,010 --> 00:09:59,930 S2: And he began to panic and push back. We know 179 00:09:59,929 --> 00:10:02,670 S2: that when North Korean Asians are challenged about the regime 180 00:10:02,670 --> 00:10:04,270 S2: for who they operate. If you say to them, tell 181 00:10:04,270 --> 00:10:07,470 S2: me about the North Korean regime, they cannot ever speak 182 00:10:07,510 --> 00:10:10,510 S2: ill of their dear leader, Kim Jong un or the 183 00:10:10,510 --> 00:10:13,230 S2: regime itself. So I put it to him pretty frankly. 184 00:10:13,990 --> 00:10:16,030 S2: I said, we're worried about North Korean operatives. What do 185 00:10:16,030 --> 00:10:18,309 S2: you think about the North Korean regime? And that's when 186 00:10:18,309 --> 00:10:21,230 S2: he very quickly wrapped up the interview we have in 187 00:10:21,270 --> 00:10:24,070 S2: Australia sanctions. It means we cannot deal with anyone from 188 00:10:24,070 --> 00:10:25,950 S2: North Korea. Are you comfortable with that? 189 00:10:25,990 --> 00:10:29,030 S3: Hey, I'm being asked at this interview. 190 00:10:29,110 --> 00:10:31,510 S2: Um, can I can I tell you, Aaron, because I 191 00:10:31,510 --> 00:10:34,630 S2: have a photo of Aaron Pearson. It's a different you look, 192 00:10:34,710 --> 00:10:36,429 S2: the photo I have is of a of a, of 193 00:10:36,429 --> 00:10:37,190 S2: a black American. 194 00:10:37,230 --> 00:10:38,830 S3: I'm not interested in any more. By. 195 00:10:39,550 --> 00:10:42,189 S2: By then we had enough data points to know that 196 00:10:42,190 --> 00:10:44,030 S2: he was a North Korean agent. We'd caught him out 197 00:10:44,030 --> 00:10:46,590 S2: in the act and we. For the first time, I 198 00:10:46,590 --> 00:10:50,230 S2: think really ever of any Western media company caught out 199 00:10:50,230 --> 00:10:53,030 S2: a North Korean operative actually doing what's of such great 200 00:10:53,030 --> 00:10:55,190 S2: concern to our intelligence agencies across the world. 201 00:10:58,790 --> 00:10:59,750 S1: After the break. 202 00:11:00,550 --> 00:11:03,090 S2: The system or the operation put in place by North 203 00:11:03,090 --> 00:11:07,410 S2: Korea relies on companies taking shortcuts. And the terrifying thing is, 204 00:11:07,410 --> 00:11:10,490 S2: too many big Aussie corporates are taking those shortcuts. Why? 205 00:11:10,929 --> 00:11:11,730 S2: To save money. 206 00:11:16,730 --> 00:11:17,690 S4: And you've said that this is. 207 00:11:17,690 --> 00:11:20,130 S1: A relatively new problem for Australia. But we know that 208 00:11:20,130 --> 00:11:22,370 S1: it's not new in the US. Right. There was a 209 00:11:22,370 --> 00:11:25,610 S1: significant case there involving a woman who became one of 210 00:11:25,610 --> 00:11:29,730 S1: these so-called laptop farmers, these intermediaries. So tell us about that. 211 00:11:31,170 --> 00:11:35,530 S2: We know this North Korean operation has been operating at 212 00:11:35,530 --> 00:11:38,569 S2: scale for a decade. The US has been a great 213 00:11:38,610 --> 00:11:40,730 S2: hunting ground for the North Koreans. It's a massive economy. 214 00:11:41,370 --> 00:11:44,330 S2: Covid meant there was a huge reliance on stay at 215 00:11:44,330 --> 00:11:49,210 S2: home or remote workers, especially IT workers, contract workers. This 216 00:11:49,210 --> 00:11:51,809 S2: was a great time for North Korea to be operating 217 00:11:52,410 --> 00:11:56,090 S2: and people all over the world. You find people desperate 218 00:11:56,090 --> 00:11:58,090 S2: for money and happy to take money to look the 219 00:11:58,090 --> 00:12:01,790 S2: other way. And the North Koreans found a woman called 220 00:12:01,790 --> 00:12:06,150 S2: Christina Chapman. She was in Arizona on a run of 221 00:12:06,150 --> 00:12:11,990 S2: the mill, pretty poor, working class person who was desperate 222 00:12:11,990 --> 00:12:14,110 S2: for a job in the North Korean sense that they 223 00:12:14,110 --> 00:12:16,510 S2: gave her a job as what's known as a laptop farmer. 224 00:12:16,870 --> 00:12:19,630 S2: And her job was this whenever a North Korean agent 225 00:12:19,630 --> 00:12:22,310 S2: working undercover wins a job, gets a job at be 226 00:12:22,350 --> 00:12:24,390 S2: it a company like Nike or Boeing or any of 227 00:12:24,390 --> 00:12:28,870 S2: the other American companies that were ultimately compromised, these remote workers, 228 00:12:28,870 --> 00:12:31,430 S2: these undercover operatives, need a laptop to do their job. 229 00:12:31,550 --> 00:12:34,910 S2: And so the US company needs to send them a laptop. 230 00:12:34,950 --> 00:12:38,110 S2: She agreed to use her home address in Arizona to 231 00:12:38,150 --> 00:12:42,670 S2: receive those laptops. When the FBI finally raided, her, 90 232 00:12:42,710 --> 00:12:45,990 S2: laptops had been sent to her. It's estimated she helped 233 00:12:45,990 --> 00:12:50,990 S2: these North Korean agents infiltrate 300 US companies, including some 234 00:12:50,990 --> 00:12:54,829 S2: big names like Nike. And I think the remarkable thing 235 00:12:54,830 --> 00:12:57,750 S2: about her operation was not just how many companies were 236 00:12:57,750 --> 00:13:01,569 S2: infiltrated and how many agents were involved, but really the 237 00:13:01,570 --> 00:13:05,250 S2: unremarkable nature of her. She was a not too bright, 238 00:13:05,450 --> 00:13:10,290 S2: not too well spoken, very ordinary American doing some pretty 239 00:13:10,290 --> 00:13:13,410 S2: extraordinary things. Right now she's sitting in a jail cell, 240 00:13:13,410 --> 00:13:15,090 S2: serving eight and a half years in prison. 241 00:13:15,410 --> 00:13:19,250 S1: And in your investigation, she claims that she was unaware 242 00:13:19,250 --> 00:13:21,610 S1: that she was a so-called laptop farmer, that she was 243 00:13:21,610 --> 00:13:26,210 S1: an intermediary between these North Korean spies and these American companies. 244 00:13:26,690 --> 00:13:28,490 S1: Do you think there's any credibility to that? I mean, 245 00:13:28,530 --> 00:13:32,570 S1: certainly you also interviewed Jeanine Pirro, who is currently the 246 00:13:32,570 --> 00:13:35,250 S1: United States attorney for the District of Columbia, a very 247 00:13:35,250 --> 00:13:38,449 S1: high profile in her in her own right. She's prosecuted 248 00:13:38,650 --> 00:13:43,329 S1: this woman who, again, facilitated these North Korean fraudsters. So 249 00:13:43,770 --> 00:13:46,530 S1: is there any credibility, any possibility that she just didn't 250 00:13:46,530 --> 00:13:48,370 S1: know what she'd been contracted to do? 251 00:13:48,730 --> 00:13:52,050 S2: Well, the prosecutor, Jeanine Pirro, thought not. And I mean, 252 00:13:52,050 --> 00:13:56,370 S2: I think if any of our listeners, uh, consider that 253 00:13:56,370 --> 00:13:59,130 S2: their home would receive 90 laptops and they'd be asked 254 00:13:59,130 --> 00:14:03,750 S2: to plug in dozens and dozens of Asian IT workers 255 00:14:03,750 --> 00:14:06,550 S2: to US companies in such a bizarre fashion, you'd think 256 00:14:06,590 --> 00:14:08,710 S2: you'd have your hackles up. You think you'd be a 257 00:14:08,710 --> 00:14:14,510 S2: little bit suspicious? The idea that Chapman was an unwitting agent, 258 00:14:14,550 --> 00:14:17,910 S2: a dupe is pretty ridiculous, and I think we can 259 00:14:17,910 --> 00:14:20,350 S2: see that in her ultimate sentence of eight and a 260 00:14:20,390 --> 00:14:24,270 S2: half years for breaching, for harming US national security. But 261 00:14:24,270 --> 00:14:27,630 S2: I think what her case really tells Australia is we 262 00:14:27,630 --> 00:14:29,270 S2: know there's people out there that want to make a 263 00:14:29,270 --> 00:14:31,950 S2: buck and who'll do the wrong thing to do so. Uh, 264 00:14:31,990 --> 00:14:33,550 S2: they can do so in a way where they can 265 00:14:33,550 --> 00:14:37,230 S2: pretend to some extent that they're simply operating. Helping fill 266 00:14:37,230 --> 00:14:39,870 S2: an IT gap for some bizarre company overseas and not 267 00:14:39,870 --> 00:14:42,710 S2: really ask themselves, what am I truly up to? There 268 00:14:42,710 --> 00:14:45,790 S2: are those sorts of people we suspect in Australia today. 269 00:14:46,030 --> 00:14:48,630 S2: We do believe there's at least one laptop farm operating 270 00:14:48,630 --> 00:14:53,270 S2: in Australia, similar to that of Kristina Chapman today. So 271 00:14:53,430 --> 00:14:56,070 S2: it really shows that ordinary people can get swept up 272 00:14:56,070 --> 00:15:01,520 S2: in what are very hostile operations by very dangerous Regimes, 273 00:15:01,520 --> 00:15:04,440 S2: in this case North Korea. They're likely to be here 274 00:15:04,440 --> 00:15:06,560 S2: already in Australia, and they're likely to be operating with 275 00:15:06,560 --> 00:15:07,280 S2: some success. 276 00:15:07,400 --> 00:15:09,960 S1: And Nick, just to wrap up, what can companies and 277 00:15:09,960 --> 00:15:11,840 S1: businesses do to protect themselves? 278 00:15:12,440 --> 00:15:16,360 S2: There's some very basic things check out in person who 279 00:15:16,360 --> 00:15:21,040 S2: you're hiring. Do proper due diligence. Yes, AI and we 280 00:15:21,080 --> 00:15:24,080 S2: know that China is now backing North Korea in this operation. 281 00:15:24,080 --> 00:15:27,320 S2: So we've got some pretty high level Chinese AI operating here. 282 00:15:27,360 --> 00:15:34,000 S2: China's government, uh, led Chinese technology created AI. It can 283 00:15:34,000 --> 00:15:36,640 S2: be remarkable. It can come up with very good resumes. 284 00:15:36,640 --> 00:15:39,640 S2: It can alter people's identities and video interviews. You can 285 00:15:39,640 --> 00:15:45,680 S2: feed answers into people's earpieces. Uh, but still, companies have 286 00:15:45,680 --> 00:15:48,920 S2: the ability to do thorough due diligence to combat that 287 00:15:48,920 --> 00:15:54,000 S2: AI and in-person or real person challenge by checking, well, 288 00:15:54,000 --> 00:15:57,040 S2: you say you did your university here. Tell me about 289 00:15:57,040 --> 00:15:59,320 S2: what was happening in the year 2002. When you say 290 00:15:59,320 --> 00:16:02,340 S2: you were stationed at Sydney University, Were you aware of 291 00:16:02,380 --> 00:16:06,180 S2: that flood event that happened in at Melbourne? When you 292 00:16:06,180 --> 00:16:09,180 S2: say you're at Melbourne University, there's ways you can test 293 00:16:09,580 --> 00:16:12,300 S2: these human. Now, the AI might be countering that, but 294 00:16:12,300 --> 00:16:15,420 S2: there are ways and means. See your employee face to face. 295 00:16:15,420 --> 00:16:17,620 S2: If they have an important role, ask them to come 296 00:16:17,620 --> 00:16:22,180 S2: into your satellite office. Present some ID in person knowing 297 00:16:22,220 --> 00:16:25,500 S2: that ID can be doctored and faked as well. Have 298 00:16:25,820 --> 00:16:28,460 S2: controls in place to make sure these North Koreans never 299 00:16:28,500 --> 00:16:32,140 S2: get in the door. The system or the operation put 300 00:16:32,140 --> 00:16:35,940 S2: in place by North Korea relies on companies taking shortcuts. 301 00:16:35,940 --> 00:16:38,500 S2: And the terrifying thing is, too many big Aussie corporates 302 00:16:38,500 --> 00:16:42,220 S2: are taking those shortcuts. Why? To save money that has 303 00:16:42,220 --> 00:16:45,580 S2: to end. The issue really is these North Korean agents 304 00:16:45,860 --> 00:16:48,900 S2: are good at their jobs. They are trained in coding, 305 00:16:48,900 --> 00:16:53,140 S2: they are trained in other IT disciplines. They will be 306 00:16:53,140 --> 00:16:56,740 S2: able to perform the role. So looking at their work 307 00:16:56,940 --> 00:17:00,739 S2: won't necessarily raise any concerns. It will be other things. 308 00:17:01,360 --> 00:17:06,160 S2: It will be there. Unusual flags about their working hours. 309 00:17:06,600 --> 00:17:09,960 S2: The way they're logging in, uh. The systems they're using 310 00:17:10,000 --> 00:17:13,000 S2: to log in. Keeping in mind that they're going to 311 00:17:13,000 --> 00:17:17,159 S2: be trying to counter the counter-attack from the companies. Now, 312 00:17:17,160 --> 00:17:19,760 S2: this is an evolving fight. Just as companies begin to 313 00:17:19,760 --> 00:17:23,520 S2: have technology to really detect whether fake IP addresses are 314 00:17:23,520 --> 00:17:27,920 S2: being used to obscure a remote workers real location. Just 315 00:17:27,920 --> 00:17:31,040 S2: as that technology is developed and employed, new technology will 316 00:17:31,040 --> 00:17:33,200 S2: be put in place to defeat it. So we need 317 00:17:33,200 --> 00:17:37,159 S2: to have a continuous and continuously improving system of countering 318 00:17:37,680 --> 00:17:42,920 S2: what is a very IT proficient army of North Korean agents, 319 00:17:43,440 --> 00:17:46,359 S2: ultimately working for one of the most pernicious and dangerous 320 00:17:46,359 --> 00:17:48,800 S2: regimes in modern human history. 321 00:17:49,200 --> 00:17:49,960 S4: Well, thank you. 322 00:17:49,960 --> 00:17:51,360 S1: So much for your time. 323 00:17:51,720 --> 00:17:52,680 S2: Great to be with you. 324 00:18:02,780 --> 00:18:06,260 S1: In other news today, politicians will be guarded at public 325 00:18:06,260 --> 00:18:10,020 S1: events while their homes and offices will undergo security upgrades 326 00:18:10,020 --> 00:18:14,020 S1: due to the most dangerous security environment in generations, according 327 00:18:14,060 --> 00:18:18,140 S1: to experts. Sydney and Melbourne house values have fallen for 328 00:18:18,140 --> 00:18:22,820 S1: a second consecutive month, but values soared in Perth, Brisbane 329 00:18:22,820 --> 00:18:27,260 S1: and Adelaide and more people are renting electric vehicles ahead 330 00:18:27,260 --> 00:18:31,580 S1: of Easter amidst surging petrol and diesel prices. To find 331 00:18:31,580 --> 00:18:38,780 S1: out more, visit the Ajcosta or smh.com.au. Today's episode was 332 00:18:38,780 --> 00:18:42,740 S1: produced by Kai Wong. Our executive producer is Tammy Mills, 333 00:18:42,740 --> 00:18:46,620 S1: and our podcasts are overseen by Lisa Muxworthy and Tom McKendrick. 334 00:18:47,180 --> 00:18:49,980 S1: If you like our show, follow The Morning Edition and 335 00:18:49,980 --> 00:18:53,260 S1: leave a review for us on Apple or Spotify. Thanks 336 00:18:53,260 --> 00:18:54,100 S1: for listening.