Nashville Man Charged with Assisting North Korea’s Weapons Program Through IT Fraud

Nashville Man Indicted for Aiding North Korea’s Weapons Program Through IT Fraud

NASHVILLE, Tenn. — A 38-year-old man from Nashville has been indicted for his alleged role in generating revenue to support North Korea’s controversial weapons program. According to the United States Attorney’s Office for the Middle District of Tennessee, Matthew Isaac Knoot has been accused of running a scheme that deceived several American companies into believing they were hiring legitimate workers located in the United States.

Details of the Indictment

Knoot is alleged to have operated a so-called “Laptop Farm” from his residences in Nashville between July 2022 and August 2023. The indictment reveals that Knoot engaged in a complex operation that allowed foreign information technology (IT) workers from North Korea to gain remote employment with American and British companies. However, these workers were falsely presenting themselves as U.S. citizens.

To facilitate this deceit, Knoot reportedly assisted these foreign IT workers in obtaining stolen identities. He set up multiple company laptops at his home and even downloaded unauthorized software to help these workers maintain their ruse. The indictment indicates that payments for their remote work were laundered through various channels to support accounts linked to North Korean and Chinese actors, including those involved in the Democratic People’s Republic of Korea’s (DPRK) development of weapons of mass destruction.

Statements from Authorities

United States Attorney for the Middle District of Tennessee, Henry C. Leventis, explained the gravity of the situation. “North Korea has dispatched thousands of highly skilled information technology workers around the world to dupe unwitting businesses and evade international sanctions so that it can continue to fund its dangerous weapons program,” he stated. “Today’s indictment, charging the Defendant with facilitating a complex, multi-year scheme that funneled hundreds of thousands of dollars to foreign actors, is the most recent example of our office’s commitment to protecting the United States’ national security interests.”

In another statement, Assistant Attorney General Matthew G. Olsen of the National Security Division emphasized the risks posed to U.S. companies. “As alleged, this defendant facilitated a scheme to deceive U.S. companies into hiring foreign remote IT workers who were paid hundreds of thousands of dollars in income funneled to the DPRK for its weapons program,” he said. “This indictment should serve as a stark warning to U.S. businesses that employ remote IT workers of the growing threat from the DPRK and the need to be vigilant in their hiring processes.”

Financial Implications

The financial impact of Knoot’s alleged scheme is significant. It reportedly defrauded various U.S. media, technology, and financial firms, resulting in hundreds of thousands of dollars in damages. The employment of foreign IT workers disguised as U.S. citizens resulted in unauthorized access to sensitive information and increased risks to companies already concerned about cybersecurity.

Charges Against Knoot

Knoot has been charged with several serious offenses, including:

• Conspiracy to cause damage to protected computers
• Conspiracy to launder monetary instruments
• Conspiracy to commit wire fraud
• Intentional damage to protected computers
• Aggravated identity theft
• Conspiracy to cause the unlawful employment of aliens

If convicted, Knoot faces a maximum penalty of 20 years in prison, which includes a mandatory minimum sentence of two years for the aggravated identity theft charge. The intricate web of deceit outlined in the indictment paints a picture of a sophisticated scheme that could have far-reaching implications, not just for those directly involved, but also for the security of the nation.

Investigation and Next Steps

This case is currently being investigated by the FBI Memphis Field Office, along with the Nashville Resident Agency. As the investigation unfolds, it serves as a reminder for companies that engage remote workers to be vigilant when vetting their employees.

With international tensions involving North Korea posing a continuous threat, the indictment of Matthew Isaac Knoot highlights the importance of cybersecurity and the vigilance required by businesses to protect against exploitation. The connection between seemingly innocuous remote work arrangements and significant national security risks continues to emerge in such investigations.

This incident has raised awareness not just about potential fraud risks but also about the broader implications of international laws and sanctions regarding North Korea. As efforts continue to combat these types of schemes, it remains crucial for businesses to ensure that their hiring practices are thorough and secure.