North Korea sanctions bill would mandate anti-hacking plan

Greg Nash

A trio of senators has introduced legislation that would force President Obama to create a strategy to thwart and sanction North Korean hackers.

The provision is part of a larger North Korean sanctions bill from Sens. Cory GardnerCory GardnerGOP senators avoid Trump questions on rigged election Administration vows 'proportional' response to Russian hack Trump denies Russia behind attack, despite fed investigation saying otherwise MORE (R-Colo.), Jim RischJim RischGOP senators avoid Trump questions on rigged election GOP to Obama: Sanction Chinese entities to get to North Korea Research: Infrastructure systems easy to hack, a little slow to patch MORE (R-Idaho) and Marco RubioMarco RubioChamber endorses bill to block proposed estate tax rules Juan Williams: When WikiLeaks leaked my cell number 56 memorable moments from a wild presidential race MORE (R-Fla.). The measure, known as the North Korean Sanctions and Policy Enhancement Act, would broadly sanction the reclusive Asian country’s nuclear program and crack down on party officials for covering up human rights abuses.

“The new sanctions within this legislation would apply the pressure required to change North Korea’s behavior, and would mandate that the United States finally have a unified strategy for dealing with North Korean cyberattacks,” said Gardner, who chairs the Senate Foreign Relations subcommittee on East Asia and cybersecurity, in a statement. “We can’t go any longer without a serious plan to deal with this threat. It’s time to get serious.”

The bill comes on the heels of the destructive hack of Sony Pictures Entertainment, which the Obama administration has blamed on Pyongyang. Allegedly, the cyber assault was retaliation for the movie studio’s comedy “The Interview,” which depicted the assassination of North Korean leader Kim Jong Un.

The incident raised the profile of North Korea’s hacking talents, which until recently were not seen as advanced enough to be considered a serious threat.

It also extended the growing list of issues causing tension between North Korea and the United States.

In addition to ongoing allegations of human rights abuses, Pyongyang has made a loud display of its advancing nuclear program in recent years, conducting at least three nuclear tests between 2006 and 2013.

In mid-September, a top North Korean atomic official issued yet another in a long string of warnings that Pyongyang would be willing to turn these weapons on the U.S.

"If the U.S. and other hostile forces persistently seek their reckless hostile policy towards the DPRK [Democratic People’s Republic of Korea] and behave mischievously, the DPRK is fully ready to cope with them with nuclear weapons any time," said the director of the North Korean Atomic Energy Institute, CNN reported.

But much of the discussion about nuclear programs and cyberattacks in recent months has focused on Iran and China.

The U.S. and five other world powers in July struck a deal to limit Iran’s nuclear program in exchange for rolling back economic sanctions. And in September, China and the U.S. also came to a “common understanding” not to conduct or support the digital theft of commercial trade secrets during a recent state visit from Chinese President Xi Jinping.

The lawmakers backing the bill insisted the White House is taking its eye off a dangerous and unpredictable actor.

“While the world is distracted by other bad actors, the North Korean regime continues to flagrantly conduct illegal arms sales, proliferate sensitive technology, expand its nuclear weapons program conduct cyberattacks, and repress the North Korean people,” said Rubio, who is running for president.

In January, the White House did authorize a slate of economic sanctions on North Korea in response to the Sony hack. The executive order gave the administration the ability to slap penalties on any North Korean government official or government entity. It immediately sanctioned 10 individuals and three entities, including North Korea’s intelligence organization, forbidding them from any deals with U.S. persons.

“This is a very broad authority that will allow us at the time and place of our choosing to impose sanctions,” a senior administration official said at the time.

The Republican trio’s bill would officially codify this executive order, as well as a follow-up executive order in April that gave the Treasury Department more authority to sanction any individual or entity involved in cyberattacks targeting the U.S.

“It is time for the United States to increase pressure on North Korea and require them to end their nuclear program, stop the cyber-attacks against us, and respect the human rights of their own citizens,” Risch said.