North Korea Didn't Invade.
It Logged In.
Season 2
— with Nicole Perlroth
Forget what you know about nation-state hacking. North Korea didn't just join the cyber arms race, it changed the game entirely. NYTimes bestselling author Nicole Perlroth investigates, alongside the victims, defenders, and officials who have spent years trying to keep up.
The Threats Have Evolved. So Has the Story.
I've spent fifteen years swimming in cyber threats and a decade as The New York Times' lead cybersecurity reporter, now traveling the world educating people about the potential for a cataclysmic, cascading cyberattack.
Over the past two decades, trillions of dollars' worth of American R&D, trade secrets, and intellectual property have crept out the back door. When you peel the mask off the thieves, it's the same culprits. Every. Single. Time.
But not every adversary is playing the same game. While China steals to compete, North Korea steals to survive cyber heists on global banks, cryptocurrency theft at nation-state scale, deepfake operations slipping agents into Fortune 500 companies. This isn't espionage. This is a sanctions-busting, weapons-funding disruption machine. Season 1 pulled back the curtain on China's rise to cyber supremacy. Season 2 goes somewhere darker.
New Episodes · Coming Weekly
6 new episodes with new content, new guests, and new revelations. Subscribe to be notified the moment each episode drops.
The Sony Playbook
Nearly 12 years after North Korea's cyberattack on Sony Pictures Entertainment, host and former New York Times cybersecurity reporter Nicole Perlroth revisits what most Americans missed beyond the Hollywood scandal — a deliberate blueprint for turning stolen data into psychological warfare. The attack foreshadowed tactics that would later appear in Russian intelligence operations and modern ransomware campaigns. This episode traces how North Korea evolved from an isolated adversary into one of the most sophisticated and dangerous cybercriminal forces in the world.
The Americans
All North Korean IT worker schemes hinge on one thing: a willing participant in America. We found one, and knocked on her door.
Experts have dubbed some of these Americans “laptop farmers.” The North Koreans call them “facilitators” – people willing to host multiple laptops in their home and happy to not ask too many questions. But identifying these people can be hard: unless you have access to a private Discord channel where North Korean IT workers talk freely among themselves.
In Episode 3, host and former lead cybersecurity and digital espionage reporter for The New York Times, Nicole Perlroth, goes to Ohio to try to understand how and why anyone would help a hostile, authoritarian regime, launder their true whereabouts, and fuel their nuclear weapons program.
To Catch a Thief is co-produced by Nicole Perlroth and Rubrik in partnership with Pod People.
To Catch a Thief was written and produced by Nicole Perlroth, along with Khrista Rypl, T. J. Raphael, Rebecca Chaisson and Sam Gebauer. Additional thanks to Allie Pinel, Fendall Fulton, Krissy Clark, Cai Lee, Eunice Park and Aimee Machado. Editing and Sound Design by Erica Huang. Art direction and design by Ben Long, Gareth Strange and Sarah Burley at the John & Jane Agency, and support from John Leestma.
The Cell
Infiltrating the infiltrators. For the first time ever, host and former lead cybersecurity and digital espionage reporter for The New York Times Nicole Perlroth partners with a team of private investigators as they infiltrate a North Korean worker cell. She uncovers what happens after a security firm hires a man calling himself “Joseph.” By turning the tables on one of the world’s most elusive regimes, investigators gain rare, unprecedented access to their hidden Discord ecosystem: leaderboards tracking job applications, interview evasion tactics, and the disturbing levels of access North Korean workers are getting once inside– including, in one case, at an American nuclear utility.
They also get a bizarre window into the human culture inside these cells – from their obsession with Minions to their pool parties and steak dinners outside North Korea. What emerges is not just a portrait of a sanctions-evasion operation, but a rare glimpse into how North Korea’s remote worker armies think, collaborate, and survive from behind the screen.
Strange Things Are Happening – How North Korean Threat Actors Infiltrated American Businesses without Hacking
In a new season of To Catch a Thief, host and former lead cybersecurity and digital espionage reporter for The New York Times, Nicole Perlroth, investigates how North Korean agents are infiltrating the global workforce. How did a nuclear-armed regime worm its way onto the payroll of international companies – and why is it so difficult to get rid of them?
A new breed of worker is quietly clocking in across the United States. They’re writing code, managing your passwords, and training the next generation of AI models. They’re gaining trust and access.
On paper, they’re the dream hire: skilled, low maintenance, always remote, and often affordable. By most accounts, they’re doing the work. But strange things are happening.
Mythos: The Breaking Point
What happens when AI can find and exploit flaws in the world's most hardened software with minimal human input? Nicole Perlroth goes Out of Band with Anthropic's Nicholas Carlini to find out. Together they unpack the imminent zero-day surge, Anthropic's decision to hold Mythos back, and whether defenders have any credible path to regain the advantage.
The answer makes one thing clear: in a world where almost anything can be hacked, cyber resilience and preemptive recovery aren't best practices — they're the only strategy left.
China's Rise to Cyber Supremacy
9 episodes + a live bonus recording at the New York Stock Exchange. Available on Spotify, Apple Podcasts, Amazon Music, and YouTube.
Season 1 Episodes
The Experts Behind the Story
Our featured guests include former NSA directors, CISA directors, top researchers, and Pulitzer Prize winners.