Skip to main content

tv   Key Capitol Hill Hearings  CSPAN  January 14, 2015 12:00am-2:01am EST

12:00 am
ly enjoyed pieces. we have done joint letters to officials, and i believe that we have gotten the biggest bang for the buck because we have shown unity. bipartisan delegation along our differences. we are all americans and love this country. so i want to thank you, mr. chairman, for all you do to ensure that that continues. i continues. i also want to thank our witnesses for their services and testimony. the recalcitrance and unpredictability of the kim regime makes it one of the worst we face on the global stage. we have attempted to address the problem of the north korean nuclear program. unfortunately very little progress has been made.
12:01 am
no closer to denuclearize-ish and today than was several years ago. they continue to develop nuclear and cyber capabilities at an alarming rate. most troubling is the continued development of the medium and long range missile capability. it may be unreliable today but they could oppose a threat to guam, alaska, or even the west coast of the united states and some believe they have aspirations to build submarines that could carry these missiles even closer to the united states. they appear to be working toward a miniature warhead that can be mounted on missiles. the commander of us forces in north korea at this moment they may possess the ability to miniaturize a nuclear warhead.
12:02 am
it is it is clear there aspirations do not stop with convention -- conventional nuclear weapons. they are quietly developing a defensive cyber capability. i was was deeply disturbed by the cyber attack on sony that took place. agents agents working for the north korean regime than the lies and coworkers to company in the united states. as i said then, no one should feel that they must see their rights to operate within the law because of veiled threats from rogue actors. are you putting safeguards
12:03 am
in place to ensure these kinds of attacks will not be successful in the future? i i look forward to hearing about your progress. there is no international agreement or your definition of cyber war or cyber terror yet it is clear that they can cause distraction of property, intimidate the public will bring about the loss of life they could be as serious as conventional acts of war terrorism. we must assure north korean cyber capabilities and those of other state-sponsored and rogue actors do not threaten our citizens, businesses, or national security. i would like to here the witnesses assessments of these risks and the ability of allies and partners to effectively defend against them. finally, let's remember the greatest threat they regime in known poses is to its own people.
12:04 am
i still remember the incredible uneasiness i remember being in a place where absolute power is consolidated among the very few. the effort reports about the abuses imposed upon the people of north korea. the north korean regime is responsible for a systematic widespread and gross human rights violations including crimes against humanity. we share a deep commitment and face the delicate balance by recognizing the need for basic support.
12:05 am
i thank you for joining us today. >> had joined from the department of state, treasury, and homeland security. the special representative for north korean policy and the deputy assistant secretary for korea and japan previously serving as us ambassador to the republic of korea and special envoy for the six party talks. the department of treasury, serving as the 1st rector of the treasury's executive office of terrorist financing and financial crimes. brig. gen. gregory tocqueville's deputy assistant secretary for
12:06 am
cyber security operations and programs at the department of homeland security, previously serving in the united states air force has director of command and control communications and cyber systems. without objection the full statement will be made part of the record. ambassador if you would like to begin. if you could summarize your remarks we we will go to questions. quick thank you very much. thank you for inviting me today along with my colleagues to testify about north korea. as we responded to the destabilizing provocative and aggressive policies and actions we appreciate the
12:07 am
interest and attention you and the community have given the support issue. in recent weeks the american people and the international community have been deeply troubled by the destructive cyber attack on sony pictures entertainment. an extensive investigation was concluded that the attack was conducted by the government of north korea. that is why the president made clear the united states would respond proportionately in a time and manner of our choosing. our response to the attack is consistent with our policy across the board one which seeks to increase the cost on north korea of its behavior and to persuade it to abandon its nuclear rights program, respect the human rights of its people and abide by international norms. we need to change the
12:08 am
equilibrium and move the regime away from a study. together we are using the full rein -- full range of tools to make clear that abandoning these ways is the only option to end political and economic isolation. we will sponsor the dpr came his behavior. the executive order is an important new tool and provides a framework for the full range of behavior. in applying this pressure our work with allies is vital. the united states has limited ties with the dpr k so k so sanctions are much more effective when supported by our partners.
12:09 am
i can tell you our alliance with south korea is stronger than ever. it sends a powerful message of deterrence. we would we would like to take this opportunity to thank you and the community for the strong support for our robust alliances. as we apply unilateral pressure and strengthen deterrence will continue our principled diplomacy. we have made clear that the door is open for communication. thanks to continued and robust engagement are unity has never been stronger. there will be a strong a strong and unwavering message echoed by the international community that it we will not be accepted as a nuclear power.
12:10 am
the alliance is a bedrock of our diplomacy. all parties are resolute. governments have condemned the attack and expressed solidarity with the united states to intensify coordination. i will travel later this month. i will also visit beijing to strengthen cooperation with china who has done a great deal on north korea. china condemns malicious behavior in cyberspace. although russia has recently pursued investment our alignment on the cold -- the sole goal remains constant. building on the important work of the un commission
12:11 am
this past year resolutions were adopted calling for accountability for north korean human rights abuses. mr. chairman, this requires a sustained and concerted efforts and indeed by the entire international community. together we we will change the equilibrium and persuade piƱon that north korea obama achieve prosperity. thank you for the opportunity to appear before this committee. >> thank you, ambassador sing kim. >> thank you, chairman rice ranking member distinguished members of this committee.
12:12 am
the dprk is a brazen and isolated regime that has repeatedly shown flagrant disregard for the international standard of its nuclear and ballistic missile programs, repeated violations of un security violations serious human rights abuses and most recently it cyber attack on a us company. in response to the dprk cyber attack on sony pictures the president signed an executive order granting the treasury department the authority to impose sanctions against agencies, instrumentalities and entities controlled by the government of north korea and the workers party of north korea.
12:13 am
this represents a significant broadening of treasury authority to increase financial pressure on the dprk and further isolated. for for the 1st time we have the authority to designate individuals and entities based solely on their status as entities of the dprk. simultaneous to the issue of this executive order treasury designated three entities and ten individuals as critical north korean operatives including the result trevor carson's general bureau, the dprk intelligence organization responsible for many cyber operations the korean mining operation, the primary arms dealer and ten officials of the government. we will continue to use this broad tool to expose
12:14 am
activities of north korean government officials and entities. they are also using existing tools since 2005 treasury has designated over 60 entities and individuals which targets wmd operation facilities. under under these authorities treasury has exposed and cut off access to the us financial system to two of north korea's most important banks. we have designated general kim yung chou the head of the rgb and was recently named as the official likely directed the cyber attack on sony. today the dprk is greatly
12:15 am
isolated. isolated. we haven't sure there is limited access to the financial system and work with our allies. as a result of sanctions and other measures financial institutions around the world began severing ties in order to avoid entanglement. his actions contributed to the economic isolation and spurs positive change in the behavior of banks around the globe. while this has made it more complex treasury continues to deploy tools at its disposal to induce the government to abide by international obligations. the the us government to the malicious cyber attack is a result of our determination. protecting the us from cyber attacks is not about
12:16 am
sanctions but working with the private sector to safeguard the economy. beyond our response to the sony cyber attack safeguarding the infrastructure from state-sponsored malicious cyber activity is part of treasury's mission. we partner with the private sector to improve bracelet -- baseline security. i go into much of this in my written testimony in greater detail. as we confront the destructive actions of the dprk the authority to isolate north korea from the financial system they we will continue to combat cyber threats. thank you for your invitation to testify before the community and i look forward to answering any questions. >> thank you. general. >> thank you, general. ranking member distinguished members thank you.
12:17 am
i appreciate the opportunity to appear before you today. the department of homeland security leads the national effort to secure federal civilian networks and coordinate the national effort to protect critical infrastructure and enhance cyber security. analysis learning, information sharing, tolerability reduction mitigation, and a international recovery efforts. dhs ensures maximum coordination of partnership with federal and private sector stakeholders while working to protect privacy confidentiality, civil rights and liberties. the office of cyber security and communication focuses on managing risk to the communication and information technology infrastructures and the sectors that depend upon them as well as enabling timely recovery.
12:18 am
our office executes its mission by supporting 24 hour day analysis and information sharing response to private and public partners to strengthen the security of federal civilian, executive branch networks and engage in coordination on cyber security and communication issues. we offer capabilities and services to assist federal agencies and stakeholders based upon status and requirement. the department engages stakeholders through a variety of mechanisms including information sharing forums and the national cyber security and communications integration center which we call the intech. a national nexus of cyber and communications
12:19 am
integration for the federal government, the intelligence community, and law enforcement. activities include incident response and during or following a cyber security incident dhs meyrick provided response capabilities that can aid in recovery. when requested by an effective stakeholder we provide instant response or the industrial control system. the 2nd activity is assessing security posture and recommending improvements. we conduct risk and vulnerability assessment to identify potential risk to
12:20 am
networks, systems, and applications and then provide recommendations for mitigation. a 3rd activity may provide direct technical assistance. following attacks in the financial services sector are united states computer emergency readiness team went on site to provide direct technical assistance. the technical assistance and technical data include identifying 600,000 distributed denial of service related ip addresses and contextual information about the source of the attack the attack, the identity of the attacker and associated details. we we have had a long-term consistent thread engagement discussion with the department of treasury the
12:21 am
the fbi and private sector partners in the financial services sector. regarding regarding the sony pictures entertainment incident, and november 2014 we were made aware of a specific significant preaching the private sector impacting sony pictures and ten. they used a sophisticated worm to conduct cyber exploitation activities. since activities. since that time dhs has initiated a series of proactive steps designed to protect not only the dr. no space but share information with private sector partners and have worked extensively with partners including the fbi and other agencies and international partners to share information and collaborate on information analysis. we have published multiple products shared with other federal agencies the
12:22 am
private sector and sector and the general public. as a trusted information sharing partner we do not have a regulatory role. our mission includes securing critical infrastructure and protecting the federal .gov no space. as we conclude cyber threats prevent a challenge to the security of the nation's critical infrastructure. dhs remains committed to reducing risk. we will continue to leverage partnerships inside and outside of government to enhance security and resilience of networks while incorporating privacy and civil liberties safeguards into all aspects of our work thank you for the opportunity to provide this information," which your questions amb. ambassador
12:23 am
kim made a.that increasingly russia has stepped in which i now has curtailed with respect to support for north korea speaking about the issue of forgiving debt and certainly the investments from russia into the rail network. the functioning rail network it is at the border. the investment would seem to be critical. the question i have is is that an investment sanctionable? and on top of that if we look at section 311 sanctions which you were at the center of in 2,005 with respect to bank told to
12:24 am
delta asia, there is more that we could be doing if we were to label north korea a primary a primary money-laundering concern as we have done with the wrong so the question i have is let's go to the issue of financial sanctions on north korea. as kurt campbell noted recently, we could really move effectively and make life much more difficult for those who are making life difficult in south korea and here.
12:25 am
>> i i agree that it is our goal to implement sanctions that isolates north korea. the goal is to squeeze them financially as much as possible. with respect to the new financial order that is an important new tool we have at our disposal. so we could target any north korean government agency target any north korean government official and apply sanctions with respect to any individual or entity.
12:26 am
that gives us -- >> and i think that is where we need to focus. the foreign trade bank just designating north korean institutions is not going to curtail the kind of hard currency that the regime uses in order to continue to expand their icbm program. >> and that is what we are trying to do identify their notes why that was a success was not with respect to the specific action but it tied up about $25 million of north korean money. the real impact was that it created a chilling effect throughout the financial system. we still live in that world today.
12:27 am
that action and many others have made it harder. >> that's why we have legislation from the senate. my observation at the time was it was not just that bank but a dozen others all willingly doing business in laundering or doing business with north korea, and once those accounts were frozen not only could he not pay his generals but i worked with defectors who said that program came to a a halt because we did not have hard currency. we could not even by clandestine gyroscopes on the black market for those missiles. that is the kind of pressure i think that could cause a regime to recalibrate his thinking. there their must be consequences, and it has to impact the family itself
12:28 am
that runs the country. the best way i can think to do that is to not give them the hard currency so that the generals are not paid and the people turn and say their must be a better way forward. that's why we are trying to jumpstart this to financial sanctions ever truly create additional pressure. do you think that would be a useful tool? >> you say chairman, it was dozens of banks. banks. it was hundreds of banks making the decision at the time. so we have that impact, and that is one that we are still -- that is a world we are still living in.
12:29 am
you say that the goal is to identify financial institutions outside of north korea that provide these points of access. you mentioned the foreign trade bank. that was the primary source of access. >> true enough. there are a number of small banks doing business with north korea that if we really wanted to squeeze we could cut off and if we do it becomes problematic for them to get resources even to send hackers to moscow. if you cut out hard currency these regimes cannot carry out the kinds of offenses attacks that they are the own -- that they are given
12:30 am
to. >> and that is exactly what we are trying to do. these are banks we have targeted with sanctions. we use sanctions -- section 311. this has caused a chilling effect. major commercial major commercial banks within china have cut off their relationship. i think, chairman, that is exactly the right approach. >> we are on the right road. we just want to accelerated. >> thank you, mr. chairman. the bottom line is the most be an impact on the family that runs the country. when we went to pyongyang --
12:31 am
granted, i was there twice and you are limited to what you can see we were told that we could only be in the capitol and cannot go outside. we got up early and observed people going to work in the morning. everything seemed normal. people looked like they work were for -- fed properly wearing clothes for work. it seemed like any other major city. we are told that pyongyang is essentially where the elites live. that is really the problem. what can be done to bolster the enforcement of existing sanctions in a a way that would impose costs for the north korean elites? what other lovers would we have two make sure it is not a a situation where you have elites in the capitol doing
12:32 am
relatively well and impose sanctions that hurt people that are starving around the country. what might what might we do to make sure they are fitness and suffer penalties for actions. >> thank you for that question. i don't think the misery that has been inflicted on the north korean people can be attributed to sanctions. the north korean government must bear sole responsibility but i take your.of the goal is to try to put pressure on the elites and think that it is precisely through access to the international finance system that we can be that because that is how the elites require hard currency that the chairman talked about luxury goods and other things that make their
12:33 am
lives pleasant that make the system run as far as it actually does. so that is what we're trying to do. we're trying to identify sources of currency one of which is conventional arms sales which is why we targeted eight officials individuals who operate in places like africa who are raising hard currency for the regime. as the chairman said we have tried to identify points of access so that they cannot repatriate funds we have identified a number of banks, but this is an ongoing effort an effort that has been ongoing for ten years. it is a hard target because their needs are relatively small. it makes it effective when we find a male.
12:34 am
they try to gain access through countries in which we have less influence and so it is an ongoing effort. >> thank you. i am wondering if any of you can talk about -- obviously north korea is gaining conventional nuclear capabilities which emboldens them with respect to military activity in other domains such as cyberspace. can anyone talk about that? ambassador? we are deeply concerned about north korean efforts to improve the dangerous capabilities. they pose a great threat not
12:35 am
just to the region but to the united states directly. we must continue to increase pressure on all fronts which requires a continuing effort with partners, not just in the six party process but the community. i can assure you that regardless of continued efforts we are fully capable of defending against any threat posed by the north koreans. i.to one example coming up shortly. this is an important exercise. very effective in making sure we maintain the strongest possible capabilities so that we are prepared to deal with any threat posed by north korea. >> .-dot the north koreans
12:36 am
usually react hostility to joint maneuvers? we're saying that this joint drill is routine and not related to a report that north korea is trying to increase submarine capabilities. whether it is or is not, i'll elected as the acting out? >> i do not want to speculate on what they may be planning to do. they do not like our exercises because they understand that it strengthens our combined deterrent capability. these are routine non- provocative operations being carried out for over 20 years. they have no right to complain. >> you mentioned ambassador the six party talks.
12:37 am
the the north koreans seem to be more interested in having to party talks with the united states rather than the six party talks. is that still would we find? >> unfortunately they do not seem to be interested in any constructive dialogue with anybody. we believe that the framework provides a viable forum for discussing this issue. the six party process has made the most clear commitment to denuclearization, and we must hold them to it. it it also includes key countries in the region that have a stake in this issue. we have the chinese to share the process and i think we need to try to work with in the process. >> thank you. my last question i want to
12:38 am
follow-up on the elites discussion. we find that the elites in north korea find creative ways around the existing sanctions. they work through chinese banks which are not exposed or integrated to the international market. what do we do to go after these types of presentations can back. >> the chinese financial system is integrated into the international financial system. one good example of our ability to impact behavior was as i have the exchange with chairman rice, our designation of foreign trade bank upon our designation, the names of major commercial banks in china
12:39 am
acted, as you would expect any international commercial bank to act and announced that they were cutting foreign trade bank off. and so we can have an impact that said you are exactly right. china does provide north korea the lion's share of its access. it is an issue that i have had discussions with the chinese many times on and is something we must continue to talk to the chinese about to get assistance in making sure their financial system does not provide the opportunity to engage in proliferation. we were talking about this just before this hearing. so it is a significant issue and one we are focused on. >> we will be in beijing so
12:40 am
we can continue the dialogue. they are going to mr. steven chabot. >> this committee has long recognized the danger of the growing capabilities of pyongyang. i held to hearing specifically on north korea because not only is it the greatest security threat but one of the most vexing security challenges and greatest policy failures. a couple of questions. the asia pacific subcommittee heard testimony he stated that china is north korea's last remaining patron.
12:41 am
however, as the chairman mentioned pyongyang has a growing relationship with russia and illicit networks with countries in the middle east. we know we no they maintain a robust and illicit trading network. last year they signed a trade deal with russia which would provide pyongyang with an economic boost to counterbalance the chinese. in light of north korea's recent cyber attack on sony there is growing speculation about how the cyber army really is. amb. and general, can, can either of you discuss who
12:42 am
are north korea's primary patrons at this time and could you discuss where north korea is gaining cyber capability and expertise? finally, is there a more accurate sense as to how big north korea's cyber army really is? >> thank you very much. i defer to the general on the cyberspace issue. with regard with regard to north korean patrons, frankly, i think they are running out of friends. they are becoming increasingly isolated. of course china has a special relationship with north korea. they have considerable leverage. but we are what we're seeing is that china is working with us more effectively and trying to stifle the
12:43 am
dangerous activities. all of us need to do more. there has been some senior-level discussion but i believe the bottom line is the russians remain committed to the shared goal of denuclearization and want to work with us to make sure they move in that direction despite some recent contact. >> thank you very much. regarding the acquisition of tools and capabilities in cyberspace and being able to employ them many of these tools, as a matter of fact, most are readily available to anyone around the world. many of the tactics techniques and procedures to five used are openly available through the marketplace and frequently posted online.
12:44 am
the acquisition of capabilities is readily available to anyone through open-source activities. north korean cyber capabilities were 1st revealed in march 2013 at south korean financial services and media firms were attacked. the latest attack from an operation to spy on and disrupt south korean military and government activities. could you say whether north korea's focus on using the master boot record wiped functionality if you are familiar with that is similar to the attack launched on sony and what possible responses or protections we have against this type of cyber attack.
12:45 am
>> thank you for that question. the attack using a wiper virus in essence means that every computer has an instruction set contained in part of the disk called the master boot record which tells the computer what to do when it is turned on. using an attack against that basically wipes out the record and the computer no longer knows how to turn itself on and look for information so it is a devastating attack. as we take a look at the code it was a sophisticated well-organized piece of code specifically engineered to
12:46 am
attack master boot record. when it comes to that type of master to it is difficult to do that for each and every piece of code. our current database numbers over 100 million sample sizes. that said we've taken the information and loaded those indicators not only into the einstein system to help protect federal systems but shared it with international partners the private sector and the like. like. indicators we have derived from analysis we have shared but it is very well crafted code. >> we go to mr. brad sherman of california. >> the witnesses should relax for a few minutes as i have an opening statement but did not relax too long.
12:47 am
obviously north korea is worthy of sanctions but how do you have trade sanctions against the sanctions have no trade name and shame the company that is shameless. the ranking member and chairman had pointed out that we can have secondary sanctions. they are where we threaten another country or bank or other company in another country with sanctions if they do business north korea if we designate those provide material support to the dprk start with the government of china. free money free oil subsidies. the ambassador points out that the chinese have stifled north korean behavior by pushing them to
12:48 am
be a less aggressive but the fact is just last month they threatened to blow up multiplexes in the district of every member up your. china has made a strategic decision. for now they are back in north korea. every day every day they give them free oil, support them militarily and medically. we would have to do things that china disagrees with do things to chinese companies to china's own trade relationship. one thing we can do is designate them a currency manipulator. this has the additional advantage of being true. since we are probably unwilling to do that we we
12:49 am
will target of this is that chinese company or bank with some success to at least suppress and annoy north korea. china seems to have made a strategic decision that north korean success is so important that they will give them free money. i cannot imagine they would allow us to completely shut off banking relationships. i support all efforts of the gentleman here in the ranking member and the chairman to try to turn this picket down a little bit, but i i do not think it can be turned off. we ought we ought to reflect that this was a unique attack not just on a a company that freedom of speech in the united states.
12:50 am
i would like to give them a double dose of free speech. we spent $8 million million dollars broadcasting into north korea. we could increase that to 16. right now we are broadcasting into north korea only 11 hours per day. it ought to be 24. i believe those broadcasts will undermine the regime with the people and the elite. i cannot think of anything we could do for $8 $8 million that would better express our dedication to the first amendment and to imposing difficulties. i difficulties. i would like to explore satellite television broadcasting because i particularly i particularly want to broadcast a particular movie and hope we do the directors cut before they tone down the climactic scene. i commend to all those on
12:51 am
the community the december 8 report one -month-old issued by the broadcasting board of governors which oversees voice of america and radio free asia issued pursuant to the north korean human rights reauthorization act. general how certain are you -- and i realize you are out of government -- that north korea is the entity that both had sony and threatened terrorist action against our movie theaters? >> thank you for the question. i have just changed uniforms
12:52 am
a retired from active duty and was recruited to come on board as the deputy assistant secretary attribution of these type of offense is not a function of my organization but the intelligence and law enforcement community. that said i am am familiar with attribution methodology, preservation of evidence and things to be done by the intelligence and law enforcement communities. based upon what i have seen and in consultation with my partners and the intelligence community and law enforcement communities in this particular instance i have trust and confidence in their conclusions. >> you have seen more than some of these outside experts on 24 hour news channels. >> yes, sir. i have seen more than some of my colleagues in the private sector.
12:53 am
>> thank you. we go to mr. michael mccaul. >> we just passed a bill a cyber security bill codifying the cyber command within dhs giving us the congressional seal of approval. i see it as the civilian portal to the private sector when sony happened i had to ask the question, which of the 16 critical infrastructures does this fall under? it is a bit unclear. the presidents announcing a cyber plan this afternoon i think the vision is to make the department of homeland security the portal civilian
12:54 am
interface to the private sector between the federal government and the private sector. sharing information from various data points with liability protection to incentivize participation within the department. and i want to talk about the foreign affairs aspect of cyber and the cyber jihad threat that we just recently saw. how do you view the role with respect to the event that happened sony? >> thank you for the question for helping us with the legislation that just passed. as we take a look
12:55 am
integration is part of our name. as you mentioned, the law enforcement partners, intelligence partners intelligence community, other departments and agencies and private sector partners are coming together on the floor they have the ability to bring in folks from all aspects of critical infrastructure law enforcement, and the intelligence community as well as representatives from the department of defense so that we are sharing information, transparent. the information ranges from top secret sensitive, compartmentalized information down to unclassified information. they are finding that these
12:56 am
partnerships is helping to strengthen not only our situational awareness but in getting solutions to issues. we are we are working together to secure and make our infrastructure more resilient by leveraging activities. we have come a long way and as we look to the future the legislation that is proposed -- >> i would like to see not just the 16 critical infrastructure but the private sector. i think that -- personally i like the idea of privacy groups that came out so strongly in support of not only my legislation that your efforts because there is a robust privacy office. i want to close with we had
12:57 am
the sony attack and yesterday an attack by cyber jihadists on behalf of isys saying american soldiers, we are coming. watch your back. this is disturbing because as threat vectors developed, as we look at china russia, iran becoming more sophisticated, now with jihadist groups that we have seen attempting to try to get this type of technology now actually be successful and hacking into centcom and to our military isys this is severely disturbing. we do not no how to respond. proportional response, what
12:58 am
does that mean? active warfare warfare what does that mean? this is outside the range of my committee in terms of overdue with other countries what is the appropriate response when the nationstate hits our infrastructure? in this case with a terrorist organization hits our military. general? >> thank you very much, sir. to address your points, the 1st 1st one about the attack and attribution that it got into centcom this was a commercial space. there there was no compromise or evidence of penetration into government and specifically the military computer system. rather, it was a commercially facing bulletin board. anytime there is a compromise of any account it
12:59 am
is serious business. in talking with my partners in the department of defense and the fbi last night they are investigating it and i will be getting an update later. >> we have an opportunity to work on legislation that could deal with the finding what is proportionate response. what is going to be a response from the united states of america with our companies are attacked, departments are attacked our military is under fire? with that i yield back. >> thank you. i was working with mike rogers on a piece of legislation. i appreciate you bringing it up.
1:00 am
we now go to gerry connolly. >> thank you. if you're looking for a democrat i am glad to work with you. [inaudible conversations] >> cyber security is a big issue in my district. i am delighted to help. i think the chairman and ranking member. your your last comment general, i think_something. the distinction between the private and public sector when it comes to cyber security really is not helpful. 85% of the critical infrastructure in this country is controlled by the private sector. and the interface between social media and other things we may be doing in the public sector is often almost seamless because they are so connected.
1:01 am
that is why it seems that we must be concerned and better understand where the boundaries are. i think it was pointed out that we must rethink the codification of cyber security attacks and what it means our.of view, not only us law, but law but what it should mean an international law. if you have a cyber pearl harbor, is that an act of war? at what.does the intensity and severity and magnitude constitute an aggressive act that must be addressed? >> thank you for that question. the magnitude and severity
1:02 am
the rubric of crossing that line is one that has been hotly and actively debated for many years. currently the administration is working to put together codified constructs for priorities and prioritization and taking a look at it from a risk management and consequence management standpoint. ultimately through our congressional processes we we will be making those determinations. >> i appreciate that we will be a process, but one of the tasks that we face is looking at the legal codification because we are at an early stage and i think we want to make international law serve as a tool and an outline. i will try to do this quickly. mr. ambassador does my
1:03 am
memory serves me well that a few years ago the north koreans helped shut down much of the banking system of south korea? >> there was a cyber attack. >> and do we believe it was generated by the north? >> we believe so. more importantly, the south korean authorities have indicated -- >> virtually the entire banking system went down. >> i do not recall the exact extent, but it was a serious attack. >> south korean economy ranks where in the world? >> tenth or 11th. >> so the 10th or 11th largest banking system in the world had its economy shut down by a cyber attack. not just the south korean economy but our own.
1:04 am
china,. china, how hopeful do we think -- you mentioned in your opening statement that china has been more forthcoming and we want them to be more so, but they themselves are engaged in cyber attacks in a systematic way. so how reliable do we think the chinese will be in trying to rein in the north koreans and their cyber security malfeasance? >> i will defer to the general. >> to? >> our dhs colleague. colleague. more generally, i believe chinese cooperation on the north korean issue organization has improved. i would.to their cooperation on the un security council passing a resolution act.
1:05 am
as an example of how their cooperation as improved. it can improve improve further command we we will continue to work. when they think about strategic interest -- >> but my question -- we are limited in time. i understand all of that. when it comes to this topic cyber security, their hands are dirty. why would we count on them to help us bring in north korean cyber security attacks when they are engaged in it with all four paws and snout. >> one of the reasons is when they saw the company attacked like this in such a destructive manner it should have been a wake-up call to chinese that they are also subject to irresponsible attacks. >> i'm sorry. we're running out of time. thank you.
1:06 am
>> as we take a look at information sharing and the common threats and vulnerabilities when we have a common thread some of the things that were observed could just as easily threaten the chinese. it is in everyone's best interest to address the issue and make sure everyone is responsible member of the world community. >> one final observation. that sounds very noble, but but the chinese have been stealing military secrets and bypassing for quite some time in a systematic way. the pentagon knows that. it seems to me i would not rely upon the chinese in that respect on the subject given their record.
1:07 am
it is a problematic aspect of what we are talking about. >> we go to the gentleman from texas. >> globally among the many bad folks in the world there seem to be three main countries, syria iran, north korea. i call them the sick access. i understand that the official definition of nuclear weapons from our government is, you have the bomb but you also have the delivery system. i want to divide the and talk about the weapon, the bomb itself. does north korea north korea have a bomb of some magnitude?
1:08 am
it is just yes or no. >> i wish i could give you a simple yes or no. >> can you say yes or no? >> we know they have continued to work on that flex we all no that. >> i'm not sure. >> do you have an answer? >> i would defer to the state department. >> north korea has conducted nuclear tests. >> they have sent satellites into orbit. >> they have conducted nuclear tests. >> do they have the bomb or not? >> sir i do not no. >> i personally think they have the capability to make a one based upon hearings we have had.
1:09 am
looking on the other end, the delivery system the president of north korea says he wants to develop an intercontinental ballistic missile and for some reason he said he wants to 1st intercontinental ballistic missile to go to austin, texas. take that a little personal. what is the status of the delivery system, if you know? >> i do not no. >> this is not a treasury department issued. >> we are happy to provide you a full briefing in a classified setting. >> we have had some open hearings. they have the ability to make a scout in the bucket. the missile that can go from
1:10 am
north to south korea do they have that capability? >> yes. >> the united states used to have north korea on a state sponsor of terror list. they were moved in 2,008. based upon what you no the you think it might be a good idea to put them back? >> as you know, there is very clear criteria. >> do you think they should be back on the list? this is a yes or no question >> my personal opinion -- >> that is what i want to know, your personal opinion. >> there is a criteria a process, sir. >> how long we will that take? they are hacking into cyber security. do do you have a time limit?
1:11 am
>> i i understand your concern and frustration, but the secretary of state must determine the government has repeatedly provided support for acts of international terrorism. >> do you think that hacking in to our system is an act of terror not? >> i believe that is beyond my -- >> you don't have an opinion. general coming you are in the military. people are afraid to say it is. i just want your opinion. >> as we take a look, it is something that should be part of public debate and we should have a conversation not necessarily constrained to this particular incident, but we should have a public
1:12 am
conversation. >> that is the diplomatic version, i assume. it seems to me that it is an act of terror and we ought to strongly consider putting these outlaws on the state-sponsored terror list. i hope that the state department eventually makes of the mind before more attacks occur. i agree with mr. connolly. the line is is then between an attack upon the government of the united states and an attack on private industry in the united states. that seems to me to be a terrorist attack. i put you back. >> we go to brian higgins of new york. >> thank you, mr. chairman.
1:13 am
the nuclear threat is profound. the question of how to respond to the cyber attack on sony an attack to punish them for making a a movie that she nauseated their supreme leader. the options are few counterattack to weaken north korea's political military and economic assets, highly ineffectual. realistic them as a state as a state sponsor of terrorism with new sanctions. the serious threat posed by north korea far exceeds cyber attacks. it is it is indicative of future intent backed by considerable capability. there is only one geopolitical option and that is to work with our
1:14 am
allies new line old two and north korean existence as an independent entity and reunify the korean peninsula the nuclear threat four to ten nuclear devices and hundreds of short and intermediate-range missiles and active uranium and plutonium programs, and it is not inconceivable. the proliferation threat. it is a potential source of missiles and nuclear materials to rote states road states including terrorists. north korea has a serious conventional military which is an existential threat to the region.
1:15 am
the fourth-largest army in the world two times that of south korea with the population that is half of south korea 28,500 american troops. further aggression would bring the united states into a major costly, and dangerous work. ..
1:16 am
>> >> china increasingly is viewing north korea in a strategic liability not as an asset. is accused north korea as a growing threat to china's stability. china's ties to south korea flourished it is the leading economic partner and chinese
1:17 am
partner gregory visit south korea and north korea so while the discussion is centered on cyberattacks there is a lot that needs to take place. your thoughts? >> i think you're absolutely right about china improving relations. in the point your colleague made earlier what is the tide of strategic perspective? we cannot continue to assume to unconditionally defend their behavior is in their strategic interest there is an ongoing serious debate with the future direction of the policy because they see their future with south korea as a major trading relationship of students and tourists and business people and i think that is where
1:18 am
the future is and one of the reasons restarting to get more cooperation from the chinese regarding this behavior. >> the gentleman's time is expired. >> north korea has a history of cooperation with some of wide range of programs jesus including syria and iran and cuba although i guess it is not politically correct to say it is a rogue regime but i will keep a lid on the list for royal think it tigard changes stripes that quickly. the north korean ship was seized in july 2013. was down to to be carrying cuban and soviet weapons from cuba and it actually sailed through the panama canal to turn off the transponder went to havana
1:19 am
was loaded with their parts and other aircraft and military hardware covered with shirker taken back to the panama canal seized by panama and discovered the weapons. 32 crewmembers released the of his three-year still being held i understand. you have a queue but north korea a correction at -- connection there. venezuela is the largest investor ally in the post-soviet era. if i look back to december december 2011 the top diplomat was linked to a elegists cyberterrorism plots with iran there is another rogue connection from venezuela i believe so you have venezuela involved in cyberterrorism possibly
1:20 am
against united states and cuba in connection with north korea and now number three s cyberattack on an american in company that continues wrote the nation's purpose so i have to ask ambassador to what extent are they engaging with china as syria cuba or possibly venezuela by association and the connection to cyberterrorism there? >> generally speaking we are deeply concerned with relations of other countries and not have specific information with the cyberattacks but we do know north korea has relations with a number of the country is that you mentioned and we will monitor very closely. that shipped intervention is an example of how richard national corporation can
1:21 am
yield results with the sanctions and this is an important point because of limited dealings directly we need international cooperation to make sure international in its unilateral sanctions can be effective. >> treasury are you tracking money or is there any evidence calling for north korea to venezuela? any of these connections? >> yes. we spend a lot of time working closely with the intelligence community who does the real tracking to identify number three in financial of networks to a matter where they will ab potentially in south america but to be honest when it
1:22 am
comes to apply financial pressure on north korea we should not tyke - - take our eye off the ball which is asia that gets its primary access to the chinese specifically as may devise strategies to put pressure. >> they spent some of that in this hemisphere the purchase weapons from cuba. >> cannot think castro just gave them the weapons. >> and again that is widely get the other arms deal we tried to go after those financial the works as the financial arm is another entity that we go after. we're trying to make it more difficult if not impossible to disrupt or dismantle the
1:23 am
ability to move these funds around the world but to identify those that can use the funds. >> i will reclaim my time you are aware if you have the answer the question. >> your time is expired. >> i want to follow up on a question that was already asked and i think to embassador can you have already indicated we're beginning to see indications that china has grown weary of north korea aggression. i thank you have the answer that. is there anything else you can add to the evolving relationship between the people's republic of china
1:24 am
and p'yongyang and specifically as we go forward, how was united states in gauging the people's republic of china and our common interests in a stable korea? what specifically are really doing as may go forward? >> in terms of evolving relations i think it is clear the chinese are thinking much more clearly about their policy and realizing when north korea miss b peyser hertz china on interest but china's own interests are harmed when they misbehave and that affects the approach and cooperation but if you look
1:25 am
at the attraction between the of leadership south korea and north korea there has been numerous meetings in the first two years of their leadership after the election into china and a number of interactions. i think that says quite a bit about the state of relations and we want to continue to work with china so they're more effective than cooperate better with sanctions of enforcement to prevent north korea from taking action but also looking to incredible return to negotiations because we have not given up we want to
1:26 am
resolve that issue in the chinese have a clear stake in that sews this is the topic at all bubbles as president of obama talks about it and secretary kerry in this is an effort to take very seriously. >> my next question is to the general you indicated your fairly satisfied that there really was the north koreans with the sony cyberattack even though you cannot discuss some of the of potentially classified information and. recently the fbi director has urged the intelligence community to declassify more details of the evidence to counter the skeptics can any
1:27 am
of you specifically talk about that status and if we can see this information? >> 84 the question. with that particular declassification i am not part of that conversation but our position has always been the aberration sharing requires the transfer and declassification as much as possible purpose is important to share information across all whole community as much as possible so we're very much in favor of the directors efforts. >> is there a potential fear that there could be a collapse of the north korean government? >> i think we think about and prepare for all
1:28 am
contingencies and we have the insight into what might happen put those including china so that we are best prepared for whatever happens. >> i yield back. >> now we're pleased to recognize a new member of our committee from wisconsin >> you guys have been patient this morning. how large towel -- is the gdp? >> it is relatively small for a country that ciba we can get that you.
1:29 am
>> with a range of 30 to 20 billion does that seem reasonable? given that 25% debt to gdp is agriculture i will give you a point of reference so that the lower end of the spectrum is about the same size of gdp. and to get some sense of their capabilities. and where it comes from so could you talk about the use of forced labor in north korea? is that part of where it comes from?
1:30 am
>> as far as access to hard currency there is a little bit of a legitimate trade. and they also received a significant amount of support from china and then to engaged in illicit activity. and also with us top echelon by engaging in an illicit financial activity to raise hard currency for the small group that is on top. that presents challenges and opportunities but they don't need broad access is a
1:31 am
target rich environment. with a large economy to shut off products says. the that is already been accomplished is not just based the day self-imposed isolation on themselves. but said to have an impact these are points of access to the financial system so where do they get that key flight data access to persuade it is in the chinese interest? why would china work with us? they will lead to a us any
1:32 am
favors they will work with us because is in their interest that north korea not of use their financial system we saw the commercial banks make that time and again. that is the strategy and is a difficult but it is something we are committed to continue. >> because the economy is so small that is my question with more on forced labor and human trafficking that element of revenue because free labor could be a large number. are you aware of forced labor to do deconstruction? >> north korea is a human-rights disaster. says -- but to have full
1:33 am
responsibility of referred to the ambassador to get into the details by the mechanisms of their people but there have been extensive reports of their use of force. >> ambassador kim? >> forced labor is more about that and abuse. but if not the worst it is the worst so this is what have bent with the u.n. in light is so significant. >> there has been good reporting on the use for other sectors what would you
1:34 am
call it? forced labor? and they never see any of that money. >> did you gentlemen for being here. it is apparent in this geographically the closest to the crimean peninsula of being from hawaii. where those of monetary angeles and when north korea beats the drums to deliver the of threats and the continual increase capabilities because it is real for every day families and how wide a who's set within range of north
1:35 am
korea's missile program. we have seen a disconnect in a lot of different ways that those who have been very dismissal so i appreciate have this hearing because it is a threat we have to take seriously. clearly tied at has expressed it is a their best interest to have stability qc their interest to work with the instability that has caused by the cycle of threats. and what specific targets are you looking for with
1:36 am
trident to deal with north korea? >> congresswoman, china of values stability with the peninsula but they're beginning to realize that north korea behavior causes instability in their hurts tried his interest. we're looking toward improved our cooperation on several fronts. where it has been strengthened considerably'' also that north koreans that they don't a provocative action. and then it is the latest example with the attack on sunday but there are attacks so to prevent them from
1:37 am
acting galloway. we want to work with the chinese to give back to credible and meaningful negotiations. and they are continuing to pursue this dangerous program. and then to work to the korean peninsula. and that we work with the chinese to gain access.
1:38 am
but that is the ongoing challenge that we try to share information with the counterparts so they could take steps to protect the financial system.
1:39 am
but even to follow upon that information. >> their chairman brought up of hard currencies sanctions and you said they had the impact that was intended that the policy may not have been in place long enough to have the impact that it could have to force major change with north korea so lucky in how this policy will be pursued again. >> for 10 years three have been trying to isolate the system. we have had a lot of success to do that but the problem is they don't need broad access just a few points to get what they need which presents challenges and opportunities so it is with
1:40 am
you do you have a major impact. so the overall goal history have not achieved that goal is not based on sanctions but we will do part of that which is keep being the pressure on as much as possible to present a starker choice of the korean regime. >> congresswoman say they would open negotiations again why the sanctions were lifted and it turns out they had fitch and it is up problem with north korea. they get some leverage and they somehow manage to
1:41 am
convince us they will turn over a new leaf the sanctions are lifted and after the fact we find out there full bore to develop the nuclear weapons program. so having talked to the foreign minister of propaganda. at the end of the day it is to get the icbm delivery capability and we should recognize that cuts off the access of funds to do that that is an international interest. let's go to the gentleman from calif -- florida. >> i express my appreciation to all of you for coming here today and serving our country as noted. we are grateful for what you do.
1:42 am
let's drill down if you don't mind about submarines so the research group 38 north reese of the reports north korea may have installed vertical missile launch tubes on a submarine. mr. kim did the administration concur that north korea has installed missile launch capabilities on this severy? does it believe northridge is pursuing a fee based nuclear strike capability and what are the consequences of that for the region for the security of our allies and the united states? thank you. >> but to specifically confirm as they said before we are deeply concerned with the many dangerous capabilities so i would not
1:43 am
rule anything out but to have a classified briefing with the assessment of their capabilities. >> dire appreciate that offer that would be excellent. >> and with the growing nuclear capability in the region in its general, what does that imply for us a and our allies? not just a submarine. >> it is the great threat to the u.s. directly why we need to intensify our efforts all aspects that we talked about to cut off funding to use on the dangerous programs so that
1:44 am
they realize they cannot pursue their dangerous programs together isolation but they were suffering that greatest threat that the north koreans oppose is to their own people and that is true. i have a deep sympathy for the north korean republic in three touche tries to work harder so great not only deal with the dangers the north koreans have continued to pursue but that situation of the north korean republic that has suffered so badly. >> the queue to the witnesses for their patients and for being here.
1:45 am
we talk about the international community and how they affect things and i am also a member of cybersecurity withholding and did we have to go further than our abilities to influence the situation in to discuss it a great deal. pressure continues to recently for the first time to favorably act on its invitation read from russia to commemorate the anniversary of world war ii this to my knowledge is one of the first public international's such a factor is those kinds of issues it is a relationship with russia if any of the
1:46 am
witnesses would like to comment. >> brushup recently had contacts - - contact with north korea in fact, his top deputy for. but i'm convinced that they do remain committed to their goal and that public statement that was immediately following the visits and how they would strongly oppose a nuclear test by north korea. so yes the picture looks mixed but the russians to remain committed to be a good nations.
1:47 am
>> is there any possibility of north korea had assistance with the soviet attack or other experts not to deny their sole responsibility? with the expertise they may not have had? or even on the private side with russia. are there any concerns that might have been a factor? >> thanks for that question. there is always that possibility however i have not see the intelligence that indicates that. >> reduce spend a great amount of time talking about china so what other asian committees could be useful to deter this cyberactivity? weathers could we get
1:48 am
assistance from for this cause? >> looking for of the department of farmland is security we have several different engagement organizations such as the asia-pacific emergency response team that we did share information with 21 different countries also with our network membership and putting information now to a dozen other countries this is something that has a pact across many different countries and to share information over the system. >> thanks for being here and allowing me to ask a few
1:49 am
questions this afternoon. secretary, d.c. kidded sufficient to accomplish our goals? >> again to act as a responsible member of the international committee of the fact we're standing alone will like it is there. and with all the financial tools combined with all the efforts. it is a difficult and frustrating issue. but i don't take a single executive action will get us there. so those over the last years have moved the ball forward? >> again it depends
1:50 am
specifically that we have spent quite successful to have pressure on north korea's direct there are fewer human rights atrocities? >> no. i don't think we have achieved the goal of the of acting responsibility. >> so as to give them the latitude with the bill that passed last congress with secondary's sanctions or kid you pursues those? i believe you spoke earlier to say you supported the north koreans sanctions enforcement fact is that fair? >> it is not free to opine on that legislation at this point but i can say is that it gives us the flexibility we did not have before to target the airtran government and officials to provide material support to
1:51 am
any entity this the authority be put to good use >> if this does not work as well as we hope what is plan be? what if they do not change their bad behavior? >> there is of broad policy to get the men the right direction from our perspective we have a of a strategy into increasingly isolate north korea from the financial sector. and it is one way to bring pressure to bear on the people that we need to and the goal is not to bring financial pressure but as you point out is something
1:52 am
that we work on every day to change. >> is there an expedited effort to review that criteria do designate three as a state sponsor of terrorism? >> that criteria is set by law so we are evaluating all of the intelligence to determine if the at risk hurrians meets that criteria >> when will that be done? >> it is an ongoing process. the risk is that evidence to move forward. >> did to make the egregious error that they are not responsible for state-sponsored terrorism what problems would be created for us? with a stop to be as friendly and cooperative as they have been? >> it is as straightforward matter that we tried to meet
1:53 am
the requirements of the law that says the secretary of state mr. chairman have given support for the international terrorism and trying to use determine if they meet that criteria and if they do they will move forward. >> it is an ongoing process. >> fatah south korea, a view those actions? >> they have been very supportive with devastating touch including other allies such as japan. it is a strong condemnation and express strong support for our reaction to the attack. >> i yield my time. >> rigo to a new member of the committee from minnesota >> fate you for holding this important hearing. barrasso like to thank the
1:54 am
committee staff for their work and patience and the distinguished panel for providing as their analysis. ambassador kim, the president of the institute for science and international security has commented that north korea policy of the aba mitt administration is called strategic patients and recently the president said in response to this so the hacking the west would respond proportionately can you define that for me in a comment of a strategic patients reference? >> that has been misunderstood is our policy.
1:55 am
with the approach we were taking because precisely because of the important lessons to negotiate with those north koreans to and also zero bilateral with a framework of the mid-90s will want to take us to deliver it cautious approach so when negotiations and to resume rahab of much more credible chance to make lasting progress. strategic base refers to that approach not necessarily the policy perce. but still to say we want to
1:56 am
make sure that there is us a demonstration of commitment before be returned to negotiations. >> going to the next part lenders stand the proportional response lange which is tuesday episode but does it have an increase of intensity? >> that is accurate said new executive order gives us tremendous flexibility to go after targets as we develop intimation and personnel to make it more difficult for
1:57 am
them. >> there are so many questions and you have then very patient. they're breaking member to day talked about the balance to hold the leaders accountable well at the same time to be mindful of the population can you tell me with the assistant secretary and the ambassador, how do you manage that delicate balance and can you give specific examples have the authorities are being applied? to back up again i fail to see any actions that we apply to north korea have negatively impacted the
1:58 am
korean people as it is a charitable to the position of boris korea. but why we have adopted the approach we have adopted is for a couple of different reasons. but in order for the government of risk korea to make itself lydgate's access. not a lot but it does need it. >> my time is running out. so could you give a specific example since the order? >> simultaneous it was announced with respect to three north korean entities it individuals and eight of
1:59 am
them have that primary conventional arms company of north korea. one of the impacts of that is to of those individuals that the government is considering expelling as a part of the currency i've not to doing a victory lap and how we use that authority. >> a couple of questions you are for labor that natural defense authorization act to provide sanctions against anyone supporting or a kgb an industrial the. [inaudible] jars ever security.
2:00 am
-- or cybersecurity. correct? >> i am aware of that. . .

29 Views

info Stream Only

Uploaded by TV Archive on