The reason that North Korea targets IT roles in particular is precisely because they're the weak link in zero-trust implementations. Someone, somewhere, has the unfettered rights to access the production database, and they're in the IT department.