AUGUSTA, Georgia — A federal court has sentenced three individuals involved in a sophisticated scheme that enabled overseas IT workers linked to North Korea to secure remote jobs with U.S. companies using stolen identities.
The case underscores growing cybersecurity risks tied to remote hiring practices and highlights how sanctioned states exploit global digital labor markets.
Who Was Sentenced
The defendants — Alexander Paul Travis, Jason Salazar, and Audricus Phagnasay — pleaded guilty to conspiracy to commit wire fraud, according to Margaret E. Heap.
Sentences were issued by J. Randal Hall:
- Travis, 35, received 12 months in prison, three years of supervised release, and forfeiture of $193,265
- Salazar, 30, was ordered to forfeit $409,876
- Phagnasay, 25, was ordered to forfeit $681,926
How the North Korea IT Scheme Worked
According to prosecutors, the scheme relied on identity fraud and remote access technology to bypass corporate hiring safeguards:
- Overseas IT workers created fake résumés using the defendants’ identities
- They secured remote employment with U.S. companies
- Defendants received company-issued laptops at U.S. addresses
- Unauthorized software enabled foreign workers to access systems remotely
- Payments were routed through U.S. bank accounts and transferred abroad
The operation generated approximately $1.28 million in salaries, most of which was sent overseas.
Travis earned at least $51,397, while Salazar and Phagnasay received smaller amounts for their participation.
Why This Matters for Cybersecurity and Business
U.S. officials warn that such schemes are part of broader efforts by North Korea to evade sanctions and generate revenue through cyber-enabled operations.
Since 2003, sanctions imposed by the United States and international bodies have restricted North Korea’s access to global financial systems. In response, the country has increasingly relied on highly skilled IT workers operating under false identities.
Revenue from these operations is believed to support state programs, including weapons development.
“These schemes present a significant challenge to our national security,” Heap said.
FBI Warning to U.S. Companies
The Federal Bureau of Investigation says cases like this highlight vulnerabilities in remote hiring and workforce verification.
“These defendants facilitated a scheme to deceive U.S. companies into hiring foreign remote IT workers,” said Peter Ellis.
Authorities are urging businesses to strengthen:
- Identity verification processes
- Remote work security protocols
- Device access monitoring
- Employee background checks
Growing Risk in the Remote Work Era
The case reflects a broader trend: as companies expand remote hiring globally, they face increased exposure to fraud, cyber infiltration, and compliance risks.
Experts warn that without stronger safeguards, similar schemes could continue targeting companies across industries, particularly in tech, finance, and data-driven sectors.
Investigation and Prosecution
The case was investigated by the FBI’s Augusta Resident Agency, in coordination with the U.S. Department of Justice’s National Security Division. Federal prosecutors and cybercrime specialists led the prosecution.
