Trump’s praise for North Korea complicates cyber deterrence

President Trump’s recent goodwill toward North Korea is at odds with his administration’s attempts to crack down on the country’s cyberattacks, and experts say the president’s plaudits could hinder U.S.-led efforts to deter North Korean aggression in cyberspace.

North Korea has shown no signs of curtailing its aggressive cyber tactics, despite a Department of Justice (DOJ) complaint last month blaming the country’s government for several high-profile cyberattacks. Researchers for security firm FireEye recently observed that said the DOJ’s very public allegations have “thus far failed to put an end to their activity.”

{mosads}But even as more examples of the cyber threat emerge, Trump has remained largely complimentary of North Korean leader Kim Jong-Un as he looks to reach a historic deal on denuclearization. Analysts say a more unified front is necessary to stop Pyongyang’s cyber efforts.

“Certainly to the extent that your messaging seems at odds with what your law enforcement is doing, or your economic policies don’t match up with your diplomatic actions,” that will “make it more difficult for that message to be delivered to whatever country you’re talking about trying to deter from a certain set of actions,” said Michael Daniel, cybersecurity coordinator during the Obama administration who’s now head of the Cyber Threat Alliance.

The administration has promised to remain tough on North Korea until it denuclearizes. But Trump’s remarks toward Kim have changed dramatically during his presidency, going from promises to unleash “fire and fury” over the nation’s missile tests to recently saying he and Kim “fell in love.”

“I was really being tough and so was he,” Trump said at a rally in West Virginia late last month. “And we would go back and forth. And then we fell in love. No really. He wrote me beautiful letters.”

Those comments came the same month that the DOJ attempted to “name and shame” North Korea in a 179-page complaint about the country’s alleged involvement in the 2014 Sony Pictures hack, the WannaCry malware attack and the theft of $81 million from the central bank of Bangladesh.

And on the day that his administration unveiled the first U.S. charges against a North Korean hacker, Trump praised Kim twice that day, with a tweet in the morning and remarks at a rally that night.

DOJ officials said at the time that the White House was aware the charges against the hacker would be unsealed.

Some experts say Trump is prioritizing denuclearization, which has led him to pursue his own strategy on North Korea, separate from the U.S. intelligence community’s cyber goals.

Andy Keiser, a former Trump transition national security official, said Trump is running “a very high-level negotiations strategy” to try to get North Korea to denuclearize. He said that while that may lead to competing messages, it might not be “avoidable.”

“I think in President Trump’s mind, he is trying to solve one of the most contractible problems the world has faced for 70 years,” said Keiser, who is also a former senior adviser to former House Intelligence Committee Chairman Mike Rogers (R-Mich.). “So he is laser focused on that, while the cyber and national security officials are all very rightly concerned about North Korea’s very aggressive activities in cyberspace including the Sony [Pictures] attack and WannaCry.”

Many experts and lawmakers on Capitol Hill have long called for a whole-of-government approach to deterring malicious cyber actors, saying a unified front can help set clear lines as to what is and isn’t considered acceptable behavior in cyberspace.

Ben Buchanan, an assistant teaching professor at Georgetown University and author of “The Cybersecurity Dilemma,” said in an email that North Korea views its cyber efforts “as a key part of their strategy for statecraft, both as a means of getting money and of projecting power abroad.”

“The administration’s messaging certainly does not seem to have slowed down the North Korean cyber operations, based on publicly available data,” he said.

Others have warned that North Korea has gone after cryptocurrency exchanges in an effort to bulk up its coffers.

FireEye’s report points toward North Korea using cyberattacks mostly for financial gain as it suffers under the weight of economic sanctions. Pyongyang-backed hackers target financial institutions to try to access and then transfer funds, FireEye said.

Richard Harknett, a cybersecurity researcher and head of the political science department at the University of Cincinnati, said that while U.S. government officials may have hoped the DOJ charges against the North Korea programmer would serve as a deterrent, the country will continue to use its cyber team for financial purposes so long as sanctions remain in place.

But he said the denuclearization talks and cyber push could go hand in hand: If North Korea loses the capability to illicitly access funds through cyberattacks, officials in the country might be more willing to denuclearize in order to get the sanctions lifted.

“They’ll accept the U.S. position more if we’re able to take away cyber as an option for them,” he said.

Tags Donald Trump Mike Rogers

The Hill has removed its comment section, as there are many other forums for readers to participate in the conversation. We invite you to join the discussion on Facebook and Twitter.

See all Hill.TV See all Video

Most Popular

Load more


See all Video