U.S. animation studios unknowingly outsourced work to North Korea
GEORGIA, UNITED STATES — Recent discoveries on a North Korean server suggest that major animation studios in the United States may have inadvertently outsourced work to North Korean illustrators and graphic designers.
The documents, found by cyber-sleuth Nick Roy, include materials for unreleased episodes of popular American cartoons, such as Amazon Prime Video’s “Invincible” and Max’s “Iyanu: Child of Wonder.”
The files, which were not password-protected, contained Chinese instructions translated into Korean, suggesting a multi-tiered outsourcing process that may have bypassed the studios’ knowledge and violated U.S. sanctions against North Korea.
In an interview with CNN, cybersecurity firm Mandiant reported that the server logs from North Korea showed frequent access from internet connections in northeast China.
Both Roy and Michael Barnhart, a North Korea expert at Mandiant, explained that these logs imply that individuals in China could have been sending instructions to their North Korean counterparts for animation projects.
Roy further mentioned that access to the server was not limited to China; there were also connections from within North Korea, indicating local involvement with the animation files.
Studios respond to outsourcing claims
Skybound Entertainment, the producer of “Invincible,” told CNN that it does not work with Chinese or North Korean companies and was unaware of any such entities working on its projects. The company has initiated an investigation to determine the extent of the issue.
Max and other involved studios have either declined to comment or did not respond to inquiries.
North Korea’s animation industry
North Korea has a history of using animation as a propaganda tool and revenue source. SEK Studio, the country’s main animation studio, has been sanctioned by the U.S. Treasury Department for its connections to the North Korean regime.
The studio has been known to subcontract work to foreign companies, including those in China, where some of the discovered files originated.
The broader implications of the outsourcing incident
The incident underscores the need for companies to exercise due diligence in their outsourcing practices. It also highlights the ongoing efforts of North Korean IT workers to circumvent sanctions and contribute to the regime’s revenue streams, often by misrepresenting their nationality and location.
Last March, two Japanese executives were arrested under suspicion of outsourcing development work to North Korean IT engineers.
The Japanese government subsequently issued a stern warning about the risks of hiring North Korean IT contractors, highlighting the possibility of contributing to North Korea’s nuclear and missile development and participating in cyber activities detrimental to other nations.
Authorities from the United States and South Korea previously released guidance to help avoid inadvertently hiring North Korean agents, which includes being vigilant about threats to release proprietary source code and inconsistencies in company details.
