The growing North Korean cyber threat [Commentary]

North Korea terrorized a U.S. company, attempted a major cyber bank heist, launched its ransomware across the world, and is now implicated in a cyberattack against the very UN panel charged with investigating the Kim regime’s attempts to evade nuclear sanctions levied by the world body.

As one of world’s poorest and most isolated countries, North Korea has found in cyber a perfect asymmetric weapon, one the regime is deploying with increasing frequency, with few repercussions. The Trump administration must change that calculus by imposing real costs on Pyongyang and its backers before North Korea has the ability to devastate the American economy.

The evidence of North Korea’s cyber intentions is growing clearer by the day. The New York Times reported last month that North Korean hackers likely initiated the WannaCry ransomware attack. That attack spread to more than 200,000 computers, encrypted files on infected systems and demanded a ransom payment or the files would be deleted. The hacker group’s bounty likely went directly or indirectly into Pyongyang’s coffers.

News reports last month also detailed a sustained cyberattack linked to North Korea on the United Nations experts investigating how Pyongyang is evading sanctions to continue development of its nuclear weapons and delivery vehicles.

Last year, Pyongyang tried to steal $1 billion from Bangladesh’s account at the New York Federal Reserve. In 2014, North Korea directly targeted an American company – and the principle of freedom of speech – when its hackers destroyed Sony’s computers and servers ostensibly over the release of “The Interview.”

And in 2013, North Korean hackers attacked South Korean banks and media companies using malware dubbed “DarkSeoul,” destroying tens of thousands of computers, deleting data from hard drives, overwriting bank records and rendering many banking services inoperable.

By attacking international banks and multi-national companies, North Korea is engaging in cyber-enabled economic warfare, using cyber technology to attack the U.S. and allied economic wherewithal in order to reduce our political and military power. This is the ultimate asymmetric weapon for North Korea. The Kim regime recognizes that while they can get by on starvation rations and a per capita GDP of less than $700, the U.S., the Republic of Korea, Japan and other industrialized, modern countries are built on the strength of their economies, which depend on networked systems.

Pyongyang’s sustained attacks on South Korea as well as its blatant assaults on the U.S. banking and commercial sectors must be seen for what they are – a honing of a capability to degrade or possibly destroy a pillar of American national security. If allowed to mature, the cyber capability of North Korea could become as dangerous to our way of life as its nuclear weapons program.

The U.S. must act now to prevent such a maturation. An appropriate response should have defensive and offensive elements combining enhanced resilience in our own networks and economic, diplomatic, covert and kinetic responses to thwart the Kim regime’s capabilities and ambitions. Pyongyang’s supporters value access to the American financial system and we should issue sanctions and criminal charges against them to send a message that enabling cyberattacks have consequences.

We must harden our defenses and strengthen the castle walls, share data with the private sector – the primary target of North Korea’s attacks – and think more creatively about new forms of cyber cooperation with the most technologically advanced of our allies. Our nuclear umbrella is a critical component of the defense against the North Korea nuclear threat; it is time to develop and field a “cyber umbrella” that can shield our most critical networks and systems.

We must also build out our military response plans should attacks rise to that level. The New York Times reported in March that Washington is engaged in a cyber effort to sabotage North Korea’s missile launches, sending Pyongyang a message that cyberattacks go both ways.

Ultimately, both North Korea and its enablers must understand that the United States considers an attack on American business as an attack on American sovereignty. And any such attack will not go unanswered.

Samantha Ravich is a senior avisor at the Foundation for Defense of Democracies’ (FDD) Center on Sanctions and Illicit Finance (CSIF) where she focuses on cyber-enabled economic warfare, and also serves on the CSIF Board of Advisors. Ravich served as the deputy national security advisor for Vice President Cheney and served in the White House for five and half years.

Anthony Ruggiero, a senior fellow at FDD and CSIF, was an advisor to the U.S. delegation to the 2005 rounds of the Six-Party Talks and spent 17 years in the U.S. government. Follow him on Twitter @_ARuggiero.