North Korea: How Can the U.S. Respond to Sony Hack Attack?

North Korea: How Can the U.S. Respond to Sony Hack Attack?

Experts Say Possible Responses Range From Financial Sanctions to Targeting North Korea’s Cyber Capabilities.

http://www.wsj.com/articles/ north-korea-how-can-the-u-s- respond-to-sony-hack-attack- 1419063801

In this picture from 2007, a man walks past a Banco Delta Asia office in Macau. The U.S. Treasury Department imposed sanctions on the bank in 2005, accusing it of being a money-laundering channel for North Korea.ENLARGE
In this picture from 2007, a man walks past a Banco Delta Asia office in Macau. The U.S. Treasury Department imposed sanctions on the bank in 2005, accusing it of being a money-laundering channel for North Korea. REUTERS

By
JONATHAN CHENG And

JEYUP S. KWAAK
Dec. 20, 2014 3:23 a.m. ET
1 COMMENTS

SEOUL-U.S. President Barack Obama ‘s warning on Friday of punitive action against North Korea following the cyber attack on Sony Pictures Entertainment raises a sticky question: what can the world’s leading military and economic power do to an isolated country that has successfully resisted decades worth of attempts to rein in its hostility?

North Korean commerce with the U.S. is virtually nonexistent, limiting the possible impact of trade sanctions, and the potentially disastrous consequences of any U.S. military retaliation are prohibitive enough to render it the remotest of possibilities.

But even so, there is room for action, say some experts, ranging from financial sanctions to direct actions targeting the North’s cyber capabilities.

A cyber attack last year on North Korean websites-by a group of hackers calling themselves Anonymous-offers one potential model for punitive action. That attack rendered multiple North Korean websites, including the propaganda website Uriminzokkiri, inaccessible for a time and, the group says, allowed them to take a significant amount of data from North Korean servers.

The veracity of some of the data released by the group couldn’t be verified, and has been questioned by some cyber security experts. The propaganda sites were also restored after the hack, limiting the impact of such a move on North Korea.

U.S. and South Korean hackers could also target the North’s computer hardware, says Choi Sang-myung, a senior researcher at Hauri Inc., a South Korean antivirus developer.

“North Korean hackers are essentially a group of data thieves, not destroyers,” Mr. Choi said in an interview. “If malicious software is planted in the information they are seeking, the hackers’ computers could be compromised.”

However, engaging in any kind of cyber tit-for-tat with North Korea could undermine trust in the security of online banking and shopping services, cautions Stephanie Balaouras, vice president of security and risk at technology research firm Forrester ResearchInc.

“If U.S. officials are that confident their attribution is correct, the best course of action is to work with Sony to distribute ‘The Interview’ to every corner of the world and across every available medium for free,” Ms. Balaouras said.

On the financial front, the U.S. has wide latitude to target the North’s financial capabilities and its links to the global banking system, says Joshua Stanton, a Washington, D.C. lawyer and blogger who has advised the U.S. House of Representatives’ Foreign Affairs Committee on North Korea sanctions legislation.

Mr. Stanton says the U.S. can designate the North’s banking system as a money-laundering concern, add the country back to a list of state sponsors of terrorism, and move toward blocking U.S. tourism to the North.

“Our North Korea sanctions are weaker than our Zimbabwe sanctions,” Mr. Stanton said in an interview. “All of the top officials in the government of Zimbabwe have their assets blocked, and none of the top officials in the government of North Korea do.”

President Obama said that North Korea’s decision to mount a cyber attack over ‘The Interview,’ a satirical movie starring Seth Rogen, says a lot about the isolated country.

Mr. Stanton argues for a similar action to the 2005 financial sanctions that the U.S. Treasury Department imposed on Macau-based Banco Delta Asia, which it accused of being a money-laundering channel for Pyongyang. That move froze $25 million of North Korea’s money at the bank and prompted strong protests from the regime.

Mr. Stanton says that a similar sanction could be imposed for the whole country’s financial system, with narrow exceptions made for food and humanitarian aid. In recent years, the U.S. has applied that designation to individual banks, such as Banco Delta Asia, as well as the entire banking systems of Myanmar, Nauru and Ukraine.

“The single biggest thing that we can do is to designate the country as a primary money-laundering concern,” Mr. Stanton says, which he says would block the regime from conducting dollar-denominated transactions through the U.S. financial system, as its institutions can now do.

“That would have a very big impact on North Korea-banks around the world are very reputation-conscious,” he says, and would shy away from conducting any transactions with institutions tied to Pyongyang.

Some defectors from North Korea say Pyongyang has learned from the Banco Delta Asia sanctions, and now keeps much of its money outside the traditional banking system, which could limit the impact of such a move.

Mr. Stanton also notes that U.S. sanctions list just 63 North Korean ships, companies and individuals, far fewer than those for Myanmar or Cuba.

He also says that U.S. Congress could start moving legislation that would impose similar restrictions blocking U.S. citizens from traveling to North Korea and spending money.

While the number of Western tourists to North Korea remains small-it is estimated that about 6,000 went last year-Pyongyang has said in its state media that it is eager to expand its tourism industry, a source of hard currency for the government.

Write to Jonathan Cheng at jonathan.cheng@wsj.com and Jeyup S. Kwaak at jeyup.kwaak@wsj.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: