BreachExchange mailing list archives
Sanctions a warning to nations backing cyberattacks
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 5 Jan 2015 20:23:02 -0700
http://hamptonroads.com/2015/01/us-sanctions-seen-warning-nations-backing-cyberattacks New U.S. sanctions against North Korea over the hacking of Sony Corp. will probably have a limited impact on the isolated Asian nation, but may serve as a warning to other countries suspected of sponsoring cyberattacks. After President Barack Obama announced measures against 10 North Korean officials and three government entities Friday, the administration said further punishment is coming. Even so, the moves to block U.S. bank access and business dealings with targeted people and entities will be minimized by the fact that impoverished North Korea already is subject to U.S. penalties for its pursuit of nuclear arms and is largely isolated from the rest of the world. "Sanctions do little against North Korea and really do not put sufficient pressure on the regime or Kim Jong Un personally," said David Maxwell, a retired colonel in the U.S. Army special forces and a specialist on North Korea, referring to the country's leader. "Sanctions, while important in sending an international message, are just not strong enough to influence regime behavior." For the United States, the Sony attack was different because it wasn't simply an attempt to disrupt traffic, spy or steal information, but to destroy data on a foreign network, said an administration official involved in the deliberations about how to respond. The latest penalties are intended as a signal to nations engaged in offensive cyber-activities that the attack on Sony crossed a line, according to the official, who asked for anonymity to discuss internal administration debates. Some cybersecurity specialists have questioned whether North Korea was behind the November attack. White House press secretary Josh Earnest, in a statement accompanying the sanctions announcement, reiterated that the administration blames the North Koreans. "We take seriously North Korea's attack that aimed to create destructive financial effects on a U.S. company and to threaten artists and other individuals with the goal of restricting their right to free expression," Earnest said in the statement. An administration official said on a conference call with reporters that none of the agencies or individuals listed, however, are believed to have been directly involved in the hacking. The official asked not to be named. Joseph DeTrani, a former top U.S. intelligence specialist on North Korea, in a phone interview said the sanctions target the key players in North Korea's government and its major agencies. He said the country has the technical capacity to carry out the attack on Sony's computer network, and called evidence laid out by the Federal Bureau of Investigation last month "pretty compelling." The United States contends that the attack, which exposed confidential industry information and forced Sony to take its computer network offline, was retaliation for the planned release of the company's "The Interview," a satirical movie that involves a fictional plot to assassinate Kim Jong Un. A group that claimed credit for the attack also threatened movie fans with violence if they went to see the film. Sony initially said it wasn't going to distribute the film, a decision Obama on Dec. 19 said was a mistake. The company has since sent the film to several hundred independent theaters and released it through Internet video services. While numerous American banks, retailers and other companies have been hit by foreign hackers, the sanctions are the first the United States has imposed on a foreign country in response to a cyberattack on a U.S. company, another administration official said on the call. Jonathan Pollack, an Asia specialist at the Brookings Institution, a Washington-based policy research center, said because 90 percent of North Korea's economic and financial transactions are made with China, the U.S. reach is limited. The sanctions show, though, the United States won't stand still if its companies are the victims of cyberattacks, Pollack said. "Part of it is a name-and-shame aspect," Pollack said in a phone interview. The United States already blocks transactions involving people and entities that help North Korea sell and buy arms, procure luxury goods or engage in money laundering or drug trafficking. Administration officials said in the conference call that they hoped other nations would join the U.S. effort. Bruce Klingner, senior research fellow on Northeast Asia at the Heritage Foundation in Washington, said in an interview that sanctions could have a greater impact than some people think. Despite the common perception that North Korea is the most isolated country in the world, Syria, Myanmar and Zimbabwe are more heavily sanctioned by the United States, he said. The steps announced Friday will make it more difficult for the targeted North Korean agencies and individuals from operating in the global financial system, he said. "The most reclusive regime or terrorist group has to have its money cross-borders at some time," Klingner, the Central Intelligence Agency's former deputy division chief for Korea, said in a phone interview. The transfers can be made either impractically through suitcases or, more probably, through digital means. Most of the electronic transactions go through U.S. banks because they're nearly always denominated in American dollars, he said. The sanctions "could make it much more difficult to move money," he said. North Korea had warned the United States against punishing it for the cyberattack, saying it would lead to damage "a thousand times greater." The sanctions would probably lead to more "trash talk," Pollack of the Brookings Institution said. DeTrani, now president of the Intelligence and National Security Alliance, a nonprofit group that includes government and business leaders, said he doubted the sanctions would draw any significant response from Kim Jong Un. "I don't think he wants to go down that road," he said.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Sanctions a warning to nations backing cyberattacks Audrey McNeil (Jan 06)