To Curb North Korea, Target Its Cyber Arsenal

A hacker works at a computer. | Getty

Thousands of North Korean tech workers, hackers and cyber criminals operate on Chinese soil, where they benefit from China’s superior bandwidth and network capability, according to a recent long-term study. | Getty

The U.S. should explore another potential tool for restraining North Korea, experts and some lawmakers argue — by targeting the regime’s burgeoning cyber weaponry and the Chinese technological aid that enables it.

Such an approach could strain the United States’ improving relations with China, not to mention President Donald Trump’s nascent friendship with Chinese leader President Xi Jinping. But researchers who have studied Pyongyang’s aggressive hacking and cyber snooping operations say the country is inextricably dependent on China, which provides software, technology, training and network bandwidth that allow North Korea to infiltrate government and corporate computer systems around the world.

 Thousands of North Korean tech workers, hackers and cyber criminals operate on Chinese soil, where they benefit from China’s superior bandwidth and network capability, according to a recent long-term study from the Center for Strategic and International Studies. South Korean investigators have also found North Korean hackers working at Chinese-based companies that are fronts for the development of digital intrusion tools.

These cyber weapons have allowed Pyongyang to punch above its weight class: North Korean hackers have been accused of infiltrating foreign government agencies, disrupting South Korean power plants, taking out Sony Pictures’ computer network and possibly even stealing $81 million last year from Bangladesh’s central bank, in a brazen theft that rattled the financial world.

“It’s the ultimate asymmetric weapon,” said Connecticut Rep. Jim Himes, the top Democrat on the House Intelligence Committee’s cybersecurity subpanel.

Disarming that weapon means finding ways to prevent North Korea from obtaining its cyber tools, several lawmakers say. And that naturally means targeting the reclusive country’s third-party enablers.

The North Koreans “have capabilities, but they are so disconnected that they use outside sources in many cases,” said Sen. Mike Rounds (R-S.D.), who chairs the Senate Armed Services Committee’s recently created cybersecurity subpanel. “So you have to look not just at what they do but also at what might be done through other countries as intermediaries.”

Proponents say such punishments could take the form of penalties or sanctions on any outside group or country, such as China, that helps enlarge North Korea’s cyberwar chest.

“Congress can definitely continue to find new ways to sanction North Korea’s illicit activities” by targeting other countries like China “who are supporting hacking,” said Patrick Cronin, senior director of the Asia-Pacific Security Program at the Center for a New American Security.

So far, though, the congressional debate over new North Korean sanctions has centered on the country’s ballistic missiles and illicit nuclear programs. The House, for example, approved legislation this month that would restrict North Korea’s shipping industry, limit foreign assistance to governments supplying conventional weapons to the regime and launch an investigation of cooperation between North Korea and Iran. The measure included no mention of Pyongyang’s cyber program.

The legislation is a response to a series of North Korean tests of increasingly sophisticated ballistic missiles. Most recently, Pyongyang on Sunday test-launched a missile that experts said may represent a step forward for the country.

But an exclusive focus on these traditional weapons is short-sighted, some lawmakers say.

“I think we have to look at the whole gamut of high-tech items that [the North Koreans] can’t produce and enable them to engage in not only in missile development but also in fairly sophisticated hacking,” said Sen. Jack Reed of Rhode Island, the top Democrat on the Senate Armed Services Committee.

But even some lawmakers who support the idea in theory wonder whether the risks of going after North Korea’s Chinese support systems are worth the potential reward.

“I’m for stopping North Korea from getting everything,” House Armed Services Chairman Mac Thornberry (R-Texas) told POLITICO. But, he added, any new sanctions are “only going to be effective if you can get the Chinese to cooperate.”

Others cautioned that the easy spread of digital knowledge may prevent cyber punishments from being fully effective.

“Sadly, it’s a little hard to prevent the spread of know-how,” Himes said.

Cronin, the Asia-Pacific specialist, pointed to the “huge black market” that contains a panoply of easily purchased, sophisticated hacking tools.

“There’s no end to the proliferation of cyber weapons, because they’re all over the web,” he said.

China, meanwhile, has long cautioned the U.S. against imposing unilateral sanctions on North Korea, cyber or otherwise.

“That’s not the correct way of dealing with things,” Xiao Qian, an official with China’s Ministry of Foreign Affairs, told CNN in April.

Sanctions that hit Chinese technological assistance would be even more fraught. Past U.S. penalties on China’s digital operations have brought an angry response.

After the Justice Department indicted five members of the Chinese military in 2014 for hacking American companies, Beijing pulled out of a joint cyber working group with the U.S. and cut off communication with American law enforcement on cyber crime. It took a year and a half to reestablish those ties, and the two sides are still working to keep the cooperation on good terms.

More broadly, Trump has backed away — for now — from several hard-line stances on China, including pressuring it to take care of North Korea’s military belligerence.

“I felt pretty strongly that they had a tremendous power” to handle North Korea, Trump told The Wall Street Journal in April. But after talking to Xi about the issue, Trump said he “realized it’s not so easy.”

That said, some experts and lawmakers said cyber-specific penalties may still be worth the risks if it means hampering North Korea’s aggression.

“If they can’t get those [high-tech] items,” Reed said, “then they’re going to be less effective and it’s going to take them longer.”

John Bambenek, manager of threat systems at the cybersecurity company Fidelis, said that while Beijing’s backing is “hard to document in a very conclusive way,” his firm knows there are several cells of North Korean hackers “holed up in relatively nice hotels in China.”

If experts in the U.S. know where they are, “obviously China does,” he added. “Who’s paying the hotel bill?”

Leave a Reply

Your email address will not be published. Required fields are marked *