Skip to main content

tv   House Homeland Security Subcmte. on North Korea - Part 1  CSPAN  October 17, 2017 10:28pm-12:25am EDT

10:28 pm
understand that immigration provisions and grounds for deportation are written in broad and general terms. and given content by the executive branch in which congress has vested authority. crime involving moral. >> you're not asking the executive to define the crimes, you're asking us to do it right? >> in the immigration context. >> this is an example where a congress is delegated the authority to executive to do this. you're suggesting it's delegated to this branch to do it. >> no. it's not delegated to the branch. this branch has to construe the statute that congress is enacted in other circumstances. the agency of course gets deference. in deciding what institutes a particular ruefulable offense. >> thank you, counsel. the case is submitted. landmark cases. a c-span history series about the supreme court returns in
10:29 pm
february. 12 frequently cited cases heard from the high court. live on c-span beginning in february. the washington post hosts a confers on oip yoed addiction. we're hear from senators. live coverage begins at 9:00 a.m. eastern here an c-span 3. in the afternoon, the commander of u.s. central command will talk about u.s. arab relations. hosted by the national conference. 2:05 p.m. eastern. also on c-span 3. you can watch both events online at or the free c-span radio app. sunday night on after words. >> over 90% of sexual harassment cases end up in settlement. and what's that mean? that means that the woman never works in her chosen career ever
10:30 pm
again. and she can never talk about it. she's gagged. how else do we solve sexual harassment suits? we put in arbitration clauses and employment contracts. which make it a secret proceeding. so again nobody ever finds out about it. if you file complaint. you can never talk about it. ever. nobody ever knows what happened to you. in most cases you're terminated from the company and the predator is left to still work. in the same position in which he was harassing you. so this is the way our society has decided to resolve sexual harassment cases. to gag women so we can fool everyone else out there that we have come so far in 2017. former fox news host grechen karlson talks about sexual harassment in her new book be fierce. stop harassment and take your power back. watch after words sunday night
10:31 pm
at 9 eastern on c-span 2 book tv. next. a house panel looks a the possible threat posed by north cre korea. including the potential for electromagnetic pulse attacks. good afternoon, everybody. the committee on homeland security subcommittee. will come to order. the purpose of this hearing is to examine the risk posed by north korea to homeland security and recommendations for the department to be better prepared to mitigate these risks. the chair recognizes himself for an opening statement. it is no secret that kim jong un and his regime in north korea has ratcheted up tensions with
10:32 pm
thenitis at an alarming rate. with the knowledge north korea conducted over 20 missile tests on a dozen different occasions between february and september of 2017. including test of ballistic missiles. many americans and allies around the globe remain on edge. however, americans may rightly wonder about north korea's ability to threaten the homeland directly. intelligence from the hermit kingdom is inconsistent and limited. despite the intelligence challenges, information that has been gathered is reason enough for alarm. for example, according to to media reports two north korean shipments to a syria government agency responsible for the chemical weapons program were intercepted in the past six months. while these reports did not detail exactly what the shipments to syria contain, this is not the first time a north korea ship has been seized due to carrying suspected missile
10:33 pm
system components. in 2013 a north korea ship was intercepted in the canal with false manifests and hidden under cargo. parts of fighter jets and rockets. in addition, according to to the counsel on foreign relations, recent estimates suggest that north korea's nuclear weapons stockpile compromises ten to 16 nuclear weapons and have the potential to grow rapidly by 20 to 125 weapons. the center of studies estimates north korea has between 2,505,000 metric tons of creme kal weapons. we are all aware with the assassination of kim jong un's half brother with a deadly nerve about. those weapons have been put to use. whether or not north korea intends to act on any of the threats to the u.s. directly, we must also keep in mind that pun
10:34 pm
and willing to -- to other hostile nation states and possibly non-nation state actors that are intent on destroying the united states and the freedoms we stands for. former department of homeland security stated in april that the most imminent threat from the north korea is a cyber threat. north korea's increaseingly sophisticated cyber program has ability to pose a threat to united states interest. federal prosecutors are investigating north korea for a possible role in the international banking system or the swift hack that resulted in the theft of $81 million from the central bank of bangladesh in 2016. 2014 the commuters system of sony pictures entertainment were infiltrated. in retaliation over expressed out rage of the back ill m
10:35 pm
centered on kim jong un. the growing variety of digital threats against the private sector and federal net work ts. are we prepared it safeguard our infrastructure against a north korea led cyber attack? it's a serious risk we face. we cannot discount other possible threats. such as an electromagnetic attack. that could result in paralyzing the grid. and other key infrastructure that rely on the electric grid to function. disruption to the power grids would be disasterous. according to to a government report. a major emp could result in cascading impacts on fuel distribution, transportation system, food and water supply. and communication and equipment for emergency services. north korea continues baa lij
10:36 pm
rent actions the united states must be. the department of homeland security has a vital role in protecting the cyber space and infrastructure. and preventing chemical buy logical, and nuclear terrorism. this hearing will allow us to gain a greater understanding of the multitude, severity and probability of threats posed by tho thort korea. and how the homelands can mitigate the risks. the chair recognizes the je moon from california. >> thank you. and welcome all the guests here today. panelists, thank you sir for holding this hearing on threats of north korea to the great country. and again i thank the witnesses for being here. also want to take a moment to send my thoughts and prayers to those affected by the california southern california wild fires. in my district many of folks
10:37 pm
very near and dear to me have been evacuated. my staffers and friends have had to be evacuated. and a couple camps receiving those evacuated are my district. our thoughts and prayers are with them. as well as others in california. also want to thank the first responders for again doing the work they're doing right now in and around my district. the chairman will recognize the seriousness of north korea this threats it poses to us. i just want to take a moment to acknowledge we also have to look at those achked by hurricane harvey, irma and maria. coming back to north korea. america's current diplomatic policy must be cautious in engaging this individual, this leadership that appears to be very unpredictable. reports do confirm north korea
10:38 pm
is accelerating the pace of its missile testing. devoting more resources to develop its cyber operation. and threatening to create a multi-functional nuclear bomb. recent actions such as the north korea connected hacking groups that stole $81 million from banks in bangladesh and southeast asia show north korea is getting more daring and much more functional. with their cyber operation. from the witnesses today i look forward to hearing from you. and how this department homeland security can better protect the vulnerable critical infrastructure of cyber. cyber threats and how to mitigate such threats here in our country. further while the probability of a electromagnetic pulse appears to be at this time unlikely. north korea has made it clear it is testing its ability to mike a
10:39 pm
hydro general bomb capable of such destruction. so my question to you is, is an emp something that's a threat at this time or soon? speaking on this frustration with president trump, north korea's leader stated that trump denied the existence of insulted me my country and from the eyes of the world my questioning is is this anything new? or is this going on for the last 20 years? i'm interested in hearing from the witnesses in this panel. what happens if the unthinkable happens. what would happen the first 10, 20, 30 minutes of all out war? hi hypothetical. but one we need to be appraised of. with that, i thank you and yield
10:40 pm
back. >> chair, thanks the gentleman. and join you in echoing concerns for those affected in and around your district. and of course in california. the wild fires and the first responders as well as the victims in the recent hurricanes here. in the united states. and our citizens in puerto rico. and the caribbean. with that, other members of the subcommittee are reminded opening statements maybe submitted for the record. we're pleased to have a panel of witnesses before us today. witnesses entire written statements will appear in the record. the chair will introduce the witness first. and then recognize each of you for your testimony. all right. mr. frak frank cilluffo. associated vice president at the george washington university and director of the center for cyber and homeland security. he previously served in homeland security positions in the white house and homeland security
10:41 pm
advisory counsel. welcome, sir. anthony rougier. the office of terrorist financing and financial crime. and spent 13 years in various positions in the state department. welcome i sir. mr. patrick terrelle. a senior research fellow. weapons of mass destruction at the national defense university. he served in the u.s. army chemical core. for 27 years. and was the wmb military add vie tor and deputy director for chemical, buy logical and nuclear defense policy in the office of the deputy assistant secretary of defense for counting wmb. thank you for your service. welcome. jeff green a senior director of global government affairs and
10:42 pm
policy. where he leads a team focussed on cyber security data integrity and privacy issues. prior to joining he sefbed in staff positions on the senate homeland security and governmental affairs. and security committees and as an attorney with a the washington dc law firm. welcome sir. doctor peter pry is a nationally recognized expert on electromagnetic pulse. doctor pry was most recently chief of staff of the emp commission. and has served on the staff of various congressional commissions related to national security as well as the house armed services committee. and was an intelligence officer with a central intelligence agency. welco welcome, sir. thank you for being here today. we recognize cilluffo for opening statement. >> thank you for the opportunity to testify before you today. on such a critical set of
10:43 pm
issues. north korea poses an increaseingly complex and multi-dimensional threat to the u.s. homeland. the many facets of the challenge include the nuclear threat, missile threat and the proliferation. my own remarks will focus on the cyber threat. regards to the cyber aspect it should be flagged up front. it is not one dimensional. to the contrary, it may manifest itself in three ways. as a stand alone cyber threat. a component in conjunction with the broader campaign. military or connectic means. and an indicator of an attack or campaign that is yet to come. the cyber equal of intelligence preparation of battlefield or mapping of critical infrastructure. a conference we cohosted with the cia last week, a senior official described north korea as between bookends. the fear of chinese abandonment on the one end and fear of u.s.
10:44 pm
strike on the other. official stated further that north korea exists to oppose the united states. and that kim jong un defines winning as staying in the game. it is against this background the over riding survival of the kim regem. and the military first policy that the north korea cyber threat must be considered and evaluated. in terms of the bottom line up front. the cyber threat is already here. it is persistent, ongoing and comes in various disguises and forms. the battlefield includes the traditional air, land sea space. but cyber space. which is simultaneous its own domain and transcends all other domains. the question is if and when the north korea cyber activity escalates. moving higher up the chain of conflict. going beyond traditional computer net work exploit. and cyber crime to bigger and more destructive attack.
10:45 pm
if so, what are the primary targets. and how can we tlart the attack or minimize the impact through contingency planning and building resilience. at the high end of the threat spectrum are nation states. military and intelligences are integrating attack and exploit into the war fighting strategy and doctrine. north korea is one of a small handful of countries that top the list from a u.s. national security perfective. many of the details of the actual cyber warfare capabilities are shrouded in secrecy. we know north korea has invested heavily in building out cyber capability. 2015 report by the south korea defense ministry estimates the nor korea cyber army employs an elite squad of 16,000 hackers. this number likely increased and worth noting that many of the hackers operate outside of in northeast china and southeast asia. while not yet up to par with the
10:46 pm
likes of russia or china, what north korea may lack in capability it unfortunately makes up for with intent. thort yee engaged in extensive es pea knowledge recent reports of classified information from the south korea military. in the targeting of u.s. energy companies and industrial control systems here is troubling. and reflective of the espionage. the attack on sony is only one example. perhaps what differentiates they turn to cyber crime to raise revenue. including funding nuclear aspirations. given recent sanctions that are lev ried upon them. they have been pegged the likely
10:47 pm
culprit as you have highlighted behind a string of cyber bank robberies as far as poland. also the swift hack opt central bank. hacks against bit coin and other current si exchanges. and the attack which impacted. if pasdsed this prologue we ought to be prepared for a further spike in cyber crime. the cyber twist maybe new, such behavior is not. north korea has long turned to criminal activity such as counter fitting, current, cigarettes and foorm suarm su p. with the country using diplomatic cover to pursue illegal activity. in essence they're using national collection means. using all source intelligence for criminal game or more aptly to be compared to as a state sponsor of cyber crime. one word on what to do about
10:48 pm
this. bottom line. train more and better. we need to exercise i think contingency plans are important. make the big mistakes on the practice field. not when it's game day. and dhs has done good work in terms hof sharing of information and intelligence such as hidden cobra. where that i provide north korea activity. this is so vital. that will be the warning. that will be the indicator that something bigger maybe a foot. the broader threat picture other scenarios like emp that will require a much broader response and need to include partners like dod. as dhs and the utilities would be overwhelmed. i hope there's more time to get into that. thank you, mr. chairman. >> the chair recognize mr. rougier o for opening state.
10:49 pm
>> chairman, ranking member, and distinguished members of the subcommittee. thank you for the opportunity to address you. north korea nuclear weapons missile programs are expanding after a decade of failed american policy. and now pose a direct threat to the u.s. homeland. threatened our close allies south korea and japan. as well as the u.s. troops stationed for decades on allied territory. the progress of north korea's programs shouldn't be surprising. since conducted its first nuclear test eleven years ago. and its long range missile program lasted 20 years. twice tested in a ballistic missile in july that could target los angeles, denver and chicago. and possibly boston and new york. the kim regime tested a massive
10:50 pm
weapon designed to ob lid rate cities and could be delivered by long range missiles. these developments are more concerning when we consider that it has a that pyongyang has a proclivity for selling weapons to anyone who has paid for them. it has sold items related to nuclear weapons, chemical weapons, and ballistic missiles. among north korea's most troubling relationships are those with iran and syria. the threat we face is acute and growing. after years of strategic patience the time has become for a policy of maximum pressure that actually stands a chance of restraining the north korean threat without resorting to war. the trump administration is pursuing iran-style sanctions to force north korea to denuclearize. and absent that result protect the u.s. and its allies from pyongyang's activities. both critics and supporters of the 2015 nuclear deal agree that
10:51 pm
sanctions were the main driver that brought iran to the negotiating table. modeled on the successful iran sanctions program, the trump administration's efforts clarify the choice we are asking other countries to make. do business with north korea or do business with the united stat states. it cannot be both. this approach includes diplomatic efforts to convince other countries to cut ties with north korea, reinforced by the threat of losing access to the u.s. financial system. the "wall street journal" reported that a year-long effort by the state department resulted in over 20 countries cutting off diplomatic or commercial relationships with north korea. in prior testimonies i detailed flaws in the current sanctions regime, including a failure to prioritize the north korea sanctions program and the need to focus on pyongyang's overseas business network as well as non-north koreans facilitating sanctions. north korea's shipping network plays a crucial role in supporting this evasion,
10:52 pm
including the prohibited transfer of commodities. the countering america's adversaries through sanctions act contains several provisions for the department of homeland security that require it to highlight the role of north korean vessels in illicit transfers and the role of third-party countries facilitating these transfers. the department must publish a list of north korean vessels. treasury's office of the control currently list 40 vessels as blocked property of north korean designated persons but our research indicates that s'more than 140 could be linked to north korea. the department of homeland security and other elements of the u.s. government should focus on the activities of north korean-linked vessels including increasing the number of entities and individuals sanctioned in north korea's shipping sector, compiling a complete list of vessels linked to north korea, and naming ports
10:53 pm
in china and russia that facilitate north korea's sanctions of asia. the urgency of the threat should call for the department to take these actions before the 180-day grace period granted by the sanctions law has elapsed. north korea's nuclear weapons and missile programs are a threat to the u.s. homeland and our allies. there are two basic policy options for the united states. one accepts this dangerous situation as reality. under the false premise that north korea's provocations can be contained or deterred. the other path was successful in bringing iran to the negotiating table with crushing sanctions that could force the kim regime to realize the futility of continuing its nuclear weapons and missile programs. the only peaceful way to protect the u.s. homeland is to ensure kim jong un feels the full weight of sanctions implemented by the u.s. and our allies. thank you again for inviting me, and i look forward to your questions.
10:54 pm
>> the chair thanks the gentleman. the chair now recognizes mr. terrell for an opening statement. >> chairman perry, ranking member correa, distinguished members of the subcommittee it's my honor today to testify on the north korean wmd threats to the homeland. views expressed in this testimony are my own and do not reflect those of the national defense university or the department of defense. we do not yet face a clear and present existential threat to the american homeland from north korea but it's getting closer each day. the threat will be very real very shortly. but it's nevertheless potentially manageable. today north korea possesses nuclear, chemical, and potentially biological weapons that can be unleashed direct ly or through others against u.s. vital interests abroad and in the homeland. under kim jong il and kim jong un -- or kim ill song and kim jong il, nuclear weapons development progressed at a steady pace. a very deliberate pace. with kim jong un we've seen this extreme increase in pace of
10:55 pm
intermediate and intercontinental ballistic missile testing and nuclear weapons testing to include the most recent one in september. this acceleration has north korea on the verge of a functional road-mobile icbm capable of delivering nuclear weapons to the continental united states. while questions remain about the overall trajectory of the program, north korea could have by some estimates enough fissile material for up to 60 nuclear weapons. not all of those would be their most sophisticated design but they could still be employed and whatever minute churized warheads they have managed to manufacture to this point could be used against guam and the continental united states. while the reliability, accuracy and survivability is questionable we should expect that north korea could endeavor to use these weapons in a time of crisis. additionally, north korea maintains a large stockpile of chemical warfare agents probably mostly consisting of blister and nerve agents, which while
10:56 pm
intended for war fighting the korean geography supports strategic employment against the 25 million people living in the greater seoul metropolitan area, which would almost assuredly result in exposure to some of the 140,000 american citizens living in south korea and raise the potential for the need of returned chemical casualties to the united states for long-term care. the assassination of kim jong nam with vx in kuala lumpur this february demonstrated korea's ability to transport and use chemical weapons overseas. while we know far less about their biological weapons program it's believed that given the infrastructure that they possess within north korea they can conduct research and development and possibly produce small batches of chemical agent or biological agents. for the korea's long history of shipping conventional arms, drugs, and counterfeit money could facilitate attempts to move chemical or biological weapons into the u.s. homeland for attack. while not on the scale achievable in south korea they could be impactful enough to
10:57 pm
foment fear. while no one has clear insights into kim jong un's thinking we can surmise he has two primary objectives -- his personal survival and the continued existence of a kim-led regime. to that end watching iraq and libya could reinforce his belief that he is more likely to remain in power by demonstrating a credible operational wmd capability intended to deter attack on the korean peninsula. we also know north korea remains intent on breaking our alliance system in asia. and believes that threats to the homeland will cause u.s. to abandon south korea and japan during a time of crisis. we also know that both kim jong un and his father believed they could manage provocations and the escalation and that by possessing a nuclear weapon he believes that the u.s. threshold for war may be heightened allowing him to be more provocative and belligerent.
10:58 pm
we must strengthen our homeland and develop a mod earn proech to deterrence. regional economic lenkz and 34ir89 posture are essential to demonstrating u.s. presence as a transpacific leader financial diplomatic and other pressures must be applied to cut off potential trading partners. next the u.s. must protect all of our territory from north korean attacks and 1307bd should one occur. many of the actions of the department of defense, department of homeland security and others have taken to prepare for wmd attack by terrorists would also apply to north korean attacks against the homeland. we must enhance our preparedness to include planning for large scale attacks perhaps with multiple nuclear weapons. i'm not sure we have fully grasped how difficult the logistics and coordination will be for immediate life-saving actions, short-term relief efforts and long-term rebuilding following multiple nuclear detonations, particularly if one is 2,500 miles away in hawaii or
10:59 pm
over 6,000 miles away in guam. finally we need a tailored deterrent approach for the unique challenge of north korea. kim jong-un must understand that any conflict with the u.s. will end his regime and he will be denied the effects he's seeking to achieve. he should see how his nuclear threats strengthen our alliance. reds ovl is demonstrated not by words but by deeds. proper resourcing, training of of response forces demonstrating our ballistic missile defenses, hardening our critical infrastructure against astack and possessing a ready, reliable, and survivable nuclear triad. again, thank you for this opportunity, and i look forward to your questions. >> the chair thanks mr. terrell, and the chair now recognizes mr. greene for an opening statement. >> chairman perry, ranking member correa, thank you for the opportunity to be here today. we've been tracking the lazarus group which the u.s. government has linked to north korea for over five years and have watched as their targets have evolved and their technical skills have
11:00 pm
improved. lad rus is different from other attack groups that have been linked to nation states in several ways. first their attacks are unusual both in the breadth of their targets and the goals of the attack itself. second lazarus shows little hesitation to engage in activities that other groups might take pause. and finally lazarus targets a variety of disparate industries, many simultaneously, and is very quick to move from target to target. their technical capabilities have improved dramatically over the past few years and we view them as above average in overall capability and actually expert in some areas. in particular they're skilled at conducting reconnaissance operations and the quality of the malware they've developed has improved dramatically in the past few years. the combination of this increased quality malware and new steps they've been taking in operational security will likely make it harder in the future to connect operations back to lazarus. in other areas they've made simple mistakes that have at times hampered their ability to
11:01 pm
complete an operation. these are usually, however, relatively basic and we don't expect to see them making the mistakes in the future given their zralted edemonstrated ada. they've been connected to attacks on a wide variety of sector from the entertainment industry to critical nfshlth to government systems to the financial sector and the defense base. unlike other groups that have been publicly connected to nation states, lazarus has attacked individual internet users en masse. their methods run the gamut. it includes the denial of service, highly targeted and sophisticated intrusions, destructive attacks and the use of ransomware. you both mentioned in your opening statement the theft $81 million from the bangladesh central bank in 2016. but that's only part of the story. they actually targeted as much as a billion dollars and but for a fairly simple mistake might have got anne way with it. they exploited weaknesses in the bank's network to steal credentials and then initiated fraudulent transfers. this was a well-planned and sophisticated attack. to cover their attacks they installed malware which printed
11:02 pm
doctored confirmation receipts. the fraud was detected because they actually misspelled the names of the recipients of one of the fraudulent transfers which led to inquiries. another lazarus-connected attack is the wannacry ransomware outbreak that happened in may. this was fairly significant. within the first hours the national health service in the united kingdom was taken down and the spanish telecom provider telephonica was impacted. it was unique and dangerous because it propagated autonomously. it was the first ransomware as a worm that has had global impact. but while wannacry was very good at infecting computers and encrypting data, it was really bad at collecting ransom. because of some fairly simple coding errors the attackers do not appear to have yet collected the ransom that was paid by some of the victims. finally you both mentioned i believe the sony attack. this is probably the best-known lazarus incident out there.
11:03 pm
it was late 2014 they were hit with malware that disabled networks, destroyed data and stole e-mails. most of the media attention after this was focused on the salaries of respective movie stars and other salacious details. but from a cyber security standpoint the big story here was the permanent destruction in the united states of a significant number of computers and servers. by one report the attack impacted as much as 3/4 of sony's systems and sony pictures headquarters. the fbi as you probably know and the dni attributed this attack to the north korean government. our technical analysis has linked sony to numerous other attacks including the bangladesh bank heist, wannacry ransom ware, dark soul which was destructive attacks in korea in 2011, the polish bank heist that mr. cilluffo mentioned. in some lazarus is an aggressive and increasingly sophisticated attack group that has a demonstrated willingness to disrupt networks, steal money, and destroy computers and data. unlike other major attack
11:04 pm
groups, which typically focus on one sector or even one industry, lazarus has shown no such limitations. as a result everyone has to assume that they could be a target of lazarus and prepare accordingly. thank you for the opportunity to be here, and i'm happy to take any questions. >> the chair thanks the gentleman. dr. pry, the chair now recognizes you for your opening statement. >> thank you for the opportunity to be here today to talk to you about the threat from north korea. particularly the threat from electromagnetic pulse, emp which would result from the high altitude detonation of a nuclear weapon. it is in effect a super energetic radio wave or super lightning that might destroy electronic systems including electric grids and all the critical infrastructures that support life in this country and that depend upon them. this threat has been described a couple of times. in the beginning of this hearing as unlikely.
11:05 pm
i would recommend that we not use that term in reference to an emp. maybe a better word would be unknown. i suspect people will continue to describe an emp threat as unlikely right up until the day before north korea actually attacks us just like we did with the 9/11 attack that the day before it happened would have been regarded as highly unlikely. what we do know is north korea has the capability of an emp attack right now. and does right now constitute an existential threat to the united states. they detonated a hydrogen bomb on september 2nd. the new estimated yield on it is 250 kilotons. that single weapon could put an e.m.p. field down over not just the united states but over north america that would cause the collapse of electric grids, transportation, communications. all the life-sustaining critical infrastructures. it wouldn't be a temporary blackout either. we might not ever recover from it. if we are not prepared to defend our electric grid now and put in place the measures and if they
11:06 pm
were to strike us now when we are unprotected, millions of americans would die. look at what's happening in puerto rico now if you want to know what the consequences of an emp attack would be. they've only been without electricity for a few weeks and many people are in fear of their lives, legitimately so. imagine in puerto rico with no u.s. government coming to the rescue, all right? and they were on their own for a year. you'd have most of the population of that island perish if we weren't there to come in and help them. that's what would happen to the united states in the event of a north korean e.m.p. attack, which they could do today. all right? and with a single weapon. the intelligence community, the e.m.p. commission has been virtually alone i think in having a more accurate estimate of the threat from north korea than the intelligence community has over these years. this summer should have been a humbling experience for those who want to dismiss or minimize the north korean threat.
11:07 pm
just six months ago many people were arguing that north korea only had as few as six, perhaps as many as 30 nuclear weapons. now the intelligence community estimates they've got 60 nuclear weapons. they weren't thought to have icbms that were capable of reaching the united states, maybe alaska and hawaii. now we estimate that they can reach all of the united states. so the intelligence community hasn't had a good record on this. the emp commission on the other hand has been right. two days after that h-bomb test, north korea also released a technical report accurately describing the way a super emp weapon would work and we think they probably have that too, which would generate emp fields even more powerfully than that of the h-bomb which they successfully tested. when we think of nuclear weapons in the united states we think north korea would never cross the nuclear line because for us that's a big deep dark red line that we would very reluctantly cross.
11:08 pm
north koreans don't think that way about emp, nor does russia or china or iran. in their military doctrine emp is part of cyber warfare. it's part of a combined arms cyber warfare campaign. the likelihood of a nuclear emp attack is exactly the same as the likelihood of getting into war with north korea. if we get into a war with them where they feel the regime is at risk, they will use everything within their power including a nuclear or emp attack, to prevail. so how likely is a nuclear war with north korea? it's not just up to us. it's also up to the north koreans themselves. they are entirely capable of miscalculation. last, i'd like to point in terms of what we should be doing. we're going in exactly the wrong direction in terms of our preparations for emp. just two weeks ago a senior official at the department of homeland security described the emp threat as theoretical and something we needed to study a lot longer. that's basically the plan the
11:09 pm
u.s. government is on now. the department of energy, department of homeland security and national labs want to spend millions of dollars continuing to study the e.m.p. threat way out to 2020 and beyond when the emp commission has already spent 17 years studying the threat, has repeatedly told congress this is a real threat here and now, and we know how to protect against it and it can be done cost effectively, and that is all true. i hope a project called the louisiana project that the emp commission started with the decht homeland security with secretary kelly will survive the death of the emp commission. in this project we have been working with the state of louisiana to prove you can protect a state electric grid very cost effectively. i think people will be surprised if it's allowed to go forward at how little it will cost and it would provide a paradigm for all the other states to follow. thank you so much for hearing me out. >> the chair thanks the gentleman. votes have just been called. i've got to figure out what we're going to do here quick.
11:10 pm
>> this is what we're going to do. since votes have been called, i'm going to defer my questions. because i am going to come back. i'm going to go to mr. duncan, mr. correa. then to the other side. and then when the time's up i'm going to leave, we're going to vote and then at least you know i'm going to come back.
11:11 pm
if mr. higgins or anybody else, miss bare gann, anybody else from the other side wants to come back or anybody else from our side, they'll have that option and i hope you guys can indulge us and stick around. but this is how things work here. with that, i recognize mr. duncan. >> i thank the chairman and the thank the panel for being here. it's been very informative. dr. pry, i'm going to skip north korea for just a second. because of your past experience with russia and arms treaty verification, could you just touch on how difficult it is in iran as a closed society and a closed government for our arms treaty folks and the iaea to actually do inspections there? then i've got a follow-up question about emps. but i would love to get your take on that. >> iran has actually practically told us they're cheating on the iran nuclear deal. there is a military textbook
11:12 pm
called passive defense that is a major textbook taught at their general staff academies that describes in admiring terms soviet successful cheating on arms control treaties during the cold war and how they managed to fool us in terms of the number of weapons, the quality of their weapons, and that this would be a good paradigm to follow for iran. it's there in black and white. congressman trent franks has a copy of the book. unfortunately, it's not unclassified. it should be unclassified but it's for official use only. so it can only be used by u.s. government officials. but in effect they have told us in their military doctrine black and white that they plan to cheat on agreements in order to get nuclear weapons. in terms of the difficulty, i've written a number of articles on this. one of these military bases, there's a photograph that's actually available from unclassified satellite imagery
11:13 pm
that shows four high energy power lines, each one carrying about 750,000 volts, going down underground into a facility. something is going on in one of those underground military facilities that require -- >> these are at the military installations? >> yes. that the iaea has never looked at. they don't have any ability to investigate them. that requires millions of volts of electricity. that could be running uranium centrifuges that they have that have not been declared. that could be running something like the krasnoyarsk 76. the soviet union had something called krasnoyarsk so they could cheat on nuclear weapons and cheat on the treaties. something that needs to be declassified is under president reagan there was a thing called the general advisory committee report on arms control compliance. 1959.
11:14 pm
i think it was 1983, '84 up to that point. which the state department has never allowed to be declass 2350id. and it goes through all of the major arms control treaties we had with the soviet union, demonstrated how they cheated on virtually every one. so we have a long history of the bad guys cheating on these treaties and at least half the problem is our own willingness to acknowledge that because there are interests in this town that are very much in favor of not wanting to face the reality that arms control doesn't work. just like there were people, oh, around neville chamberlain before world war ii that didn't want to acknowledge the nazis and japanese were cheating on the washington naval treaty and other arms agreements that existed before world war ii. >> thank you. >> the chair thanks the witness. the chair recognizes the ranking member mr. correa. >> thank you, mr. chairman. mr. ruggiero, question to you
11:15 pm
and some of the others. have we ever gone after the bank accounts of north korean genera genera generals, business folks? you hit them in the pocketbook at an individual level, that would get a reaction. have we ever attempted to do that? have we done that? if you lose a couple billion dollars in a swiss account it may get your attention. >> certainly that would be useful. i think on leadership funds there's a question of where that money is. i think you made a good recommendation there in terms of countries in europe that have bank secrecy is the best way to look at it. in 2005 the united states went after banco delta asia in macau, which was very successful. but since that time more recently we've started to go after north koreans. the issue here is that in a lot of ways this money is held in china, in chinese banks or in
11:16 pm
the name of chinese companies, and that's why it's important now to go after chinese companies, chinese banks -- >> so we've essentially lacked the technology, the information, the knowledge to figure out how to get at that money? >> i would say we're starting to do that now. >> okay. >> since may the trump administration has taken six actions against china -- >> if i may interrupt you. >> sure. sorry. >> nuke testing 11 years ago, rocket testing 20 years ago. you figure they're preparing for that even before that and it's just barely now that we're figuring this out. >> certainly. >> very quickly, dr. fry, you talked about an e.m.p. pulse not being theoretical but essentially a clear and present situation. why haven't we reacted to this as a country? is this a question of politics or is this a question of costs? if this is a threat here, we're going to have to invest a lot of money to harden our systems.
11:17 pm
>> it isn't chiefly a question of cost. you can actually protect against emp quite cost effectively. the emp commission testified that for $2 billion we could protect the electric grid. and that's what we give away every year in foreign aid to pakistan. i think it's a complex question as to why we haven't acted yet. politics is mostly what it has to do with. the electric utilities in this country are not controlled by the federal government. there's 3,000 independent utilities. no agencies at the u.s. government include the federal regulatory commission has the authority, has the power to order them to protect the electric grid. and they have spent vast amounts of money and huge effort lobbying against emp and not just emp but -- >> that's kind of what we're going through with cyber security right now. >> exactly. >> private sector. some folks want to step up. some folks don't. even the federal government. some folks, you know, agencies are there.
11:18 pm
some are not. >> the nerc has even approached the tree branch threat. the great neeflt blackout threat of 2003 was cause when'd a tree branch hit a high voltage line in ohio and it put 50 million americans in the dark. ferc begged them to come up with a plan for the future because we can't have 50 million americans in the dark. it's taken them ten years and nobody knows if it will work. >> the chair thanks the gentleman. the chair now recognizes mr. higgins. >> mr. chairman, in the interest of time i defer my questions till we return. >> yes, sir. the chair now recognizes miss rice. >> what effect would plnt trump's attempt to decertify the
11:19 pm
iran nuclear deal have on the north korean issue? >> i would just say that the north koreans are not waiting by the phone to have a negotiated settlement. that would be the first. the second is that from my perspective it's the iranians looking at north korea and seeing their pathway to a nuclear weapon. the concern i have is there are many people who are suggesting we should stay in the iran deal that are the same people that are saying we can accept the threat from north korea right now and just deter them. i think that's the wrong message to iran. i think we have to when we're looking at north korea, we have to make sure that we underscore that our policy is denuclearization so that the iranians don't see that in 20 years they have a path to a nuclear weapon. >> if i could make a comment on this, you know, we have this summer been surprised by the advancement of the missile and nuclear weapons threat from north korea. i think the next big surprise that's going to face us is iran
11:20 pm
because we have grossly underestimated the iranian nuclear threat. if one reads carefully the 2014 international atomic energy agency report, while they did not come to the conclusion, the iaea doesn't draw these conclusions but members are commissioned and former members of the reagan and clinton administration intelligence communities looked at that report, there are indicators, technological indicators that iran already has the bomb and that they may have had the bomb since before 2003. before 2003 they were actually manufacturing bridge wire detonators, neutron initiators and they had conducted an implosion experiment. in the manhattan project during world war ii when the united states was at that technological phase we were three months from getting the atomic bomb. now, these were things they were doing before 2003. what's going on in those military facilities? personally, i think they've already got the bomb and that we're going to be surprised just like we have been about north korea.
11:21 pm
>> anyone else? okay. thank you. >> the gentleman yields. the chairman recognizes miss barragan. >> while i'm looking for my questions, i just want to do a quick follow-up to that. i've read a lot of people who've opined on the iran deal and a lot of folks who did not support the deal are still coming out very publicly and saying even though this is not the best deal the manner in which the president wants to do it is not the way to do it, and that is a risk. does anybody have any thoughts on the manner in which it's being done, just having the -- i'll just leave it at that. >> i'd like to volunteer my opinion on this. i think the biggest risk is remaining in the deal. and i see it in the press. the defenders of the iran
11:22 pm
nuclear deal describing it as -- that at least it has constrained the nuclear threat from iran. that it has contained the nuclear deal from iran. that's not a fact. there's no evidence it is contained. there's plenty of evidence it hasn't contained the threat from iran and that we have basically deluded ourselves in this deal into thinking we've contained a threat that actually -- >> i just want to respectfully -- do you think the process in which the president is following is the right approach on this? >> i think anything -- >> yes or no. >> yes. anything that gets us out of that deal is going to be in the interests of our survival. >> thank you. i want to go ahead and follow up on -- just in the last ten days between attack the press and the first amendment and blaming puerto ricans for the disaster caused by hurricane maria the president tweeted the following in regards to north korea -- "our country has been unsuccessfully dealing with north korea for 25 years, giving billions of dollars and getting nothing. policy didn't work."
11:23 pm
next tweet, "presidents and their administrations have been talking to north korea for 25 years. agreements made and massive amounts of money paid. hasn't worked. agreements violated before the ink was dry, making fools of u.s. negotiators. sorry but only one thing will work." the president's next tweet. "just heard foreign minister of north korea speak at u.n. if he echoes thoughts of little rocket man, they won't be around much longer." and lastly, "we can't allow this dictatorship to threaten our nation and our allies with unimaginable loss of life. he said at a meeting with top military officers." and finally, "we will do what we must to prevent that from happening and it will be done if necessary, believe me." mr. greene, how would you characterize this administration's north korea strategy, and what are the implications of the president's diplomacy by tweet foreign policy, especially considering the rift between the president
11:24 pm
and his secretary of state, rex tillerson? >> so unfortunate -- so i'm the cyber expert here. unfortunately, i'm not qualified to opine on the merits or lack thereof of a diplomatic approach. so i apologize. i'm not capable of responding on that. >> does anybody on the panel believe that the president's diplomacy by tweeting is the proper way to go? it's a yes or no. >> yes. >> okay. mr. ruggiero. >> i think that's tougher to answer via yes/no. there's a lot in there in terms of north korea policy. i think the president is right when he talks about diplomacy has not worked north korea. i think -- >> don't you think there's a threat of us getting into a nuclear war because because the
11:25 pm
president makes tweets to set off the other side? >> that was going to be my next point, which is essentially when you're talking about deterrence it's important to telegraph to the other side what the consequence of an action will be. he think the u.s. and north korea have done that but on both sides it's gone too far. i think the evidence of miscalculation can happen. >> thank you. i have one more question, and it's for mr. greene -- >> can the gentle lady yield until we come back? we've got a minute to vote. i apologize. but i want to adjourn the committee at this time. a recess -- correction. at this time. a vote has been called on the house floor. the committee will recess until 10 minutes after the last vote.
11:26 pm
>> thank you all for your indulgence and your patience. the subcommittee on oversight and management efficiency will come to order. so the chair will now recognize himself for five minutes of questioning, and just be apprised we're back to the five-minute schedule since we don't have votes impending. let me see if i can get my head here in the game quickly. mr. cilluffo, 6,000 hackers employed in china and southeast asia. i want to talk to you about that a little bit and the indicators in the intelligence prep of the
11:27 pm
battlefield just to set your mindframe. these hackers that are employed in china and southeast asia, and maybe i should also include mr. greene because maybe this is some of the lazarus folks i don't know. but do we -- obviously, it's a little tougher for us to track these people in china. do we track them at all? if not china, southeast asia seems like it would be more opportune intelligence target for us. do we track them? do the countries, the host countries where they're operating know that they're there, such that we could impose a sanction or some kind of financial penalty or some kind of penalty on that host country that is hosting these individuals? is that a possibility? >> mr. chairman, i think that's an excellent question. to clarify, the 6,000 is not exclusively those operating
11:28 pm
overseas. but a vast majority or many of them actually do. but i do think you raise a great question here, and that's finding levers and points of leverage we can have with other, including allies, by the way, where we can apply greater physical pressure in addition to cyber means. i mean, if you take -- if you look at a photo, a satellite photo of the koreas at night, south korea is lit up like a christmas tree. north korea's dark. so there's very little connectivity there. so obviously, when we look at some of our own capabilities and capacities, the retaliation in kind is going to have minimal effect and impact because they don't have a whole lot to take down. so when you start looking at these outposts that they do have, i think that we do have opportunities to apply new means of pressure and i do think that many of these countries are unwitting to some of these operatives.
11:29 pm
i think that is a path that should be pursued. and we should light them up. >> and what about the indicators? when you say essentially ipb and these are indicators when you talk about stand-alone, the broader campaign, and indicators, for instance, keeping with dr. pry, if we're to be, and i think we should be, rightly concerned about emp as a method, or any of the other things, but let's stick with emp, for example. would there be specific indicators in cyber that would clue us in to impending testing, utilization, et cetera? >> i think dr. pry rightfully framed the issue that at the end of day it's not the modality, it's the question or whether or not they get into the game. if they get into the game, they'll come in wholesale if they feel threatened. i think that the indicators are significant in terms of
11:30 pm
potential target selection. but i'm not necessarily sure there would be any specific to emp other than they're going after the grid, so if there's one critical infrastructure that every other critical infrastructure is dependent upon, all the life line sectors, it's electric. it is the grid. and they could come at that through cyber means or obviously catastrophically through emp attacks. >> i can see we're going to go to round two. so i'm going to try to limit my comments here. but mr. greene, i'm going to get you to hang on a little bit but i want to stick with mr. cilluffo for continuity. you mentioned in your remarks the targeting of u.s. energy companies. have they done that? do we have the indicators -- i mean, can we prove that at this point? that's known information to us? >> this is now known information, yes. there have been actual reports put out by the information sharing and analysis centers for industrial control systems and for the energy sector in
11:31 pm
particular. there's a news report that just popped earlier this week, specifically about a particular energy company that was breached. and that's based on information that -- >> it was breached by the north koreans? >> allegedly, that's what the attempt is. so i think one thing to notify, to keep in mind, in addition to ipb, where it could signal targets, it could signal intentions, it's also worth noting if you can exploit, you can also attack. in other words, if you're in the system, you're in the system. it all hinges around intentions and if they've got a foothold in the system and their intention is to attack, they can also attack. >> i'm going to yield and at this time i'll recognize the gentleman from louisiana, mr. higgins. >> thank you, mr. chairman. dr. pry, my questions will be addressed at you, sir, so that you can get your head wrapped around where i'm going with this.
11:32 pm
i'm specifically going to be asking about north korea's satellite program and their so-called space program, and the kms-4 satellite launch in february of this year. i read your entire testimony. it's fascinating, quite informative. you refer to massive intelligence failures, grossly underestimating north korea's long-range missile capabilities, the number of nuclear weapons, warhead miniaturization, the development of an h-bomb, et cetera. do you -- do you stand by that statement, sir? >> absolutely, as does dr. graham, thch >> moving on. in 2004 you stated that two russian generals, both emp experts, warned the emp commission the design for russia's super emp warhead, capabile of generating high intensity emp fields, was
11:33 pm
transferred to north korea. not long after that, in 2006, north korea nuclear tests indicated yields that were consistent with the size of a super emp weapon. the timing and indicators of that illegal nuclear test were reflective of the warnings as stated by the two russian experts. is that correct? >> yes, that's correct, sir. >> in a super emp weapon, according to your testimony, can be relatively small and lightweight and can fit inside north korea's kms-3 or kms-4 satellites. these two satellites, specifically i'm referring to kms-4 because it was launched in this year, presently orbit the united states and over every
11:34 pm
other nation on earth through the southern polar trajectory. the south polar trajectory evades u.s. ballistic missile early warning radars and national missile defenses, which also resembles a russian secret weapon developed during the cold war, similar super emp weapon. is that correct? >> yes, that's correct. >> two experts cited in your testimony stated similar concerns, one confirming that current ballistic missile defense systems are not arranged to defend against even a single icbm or satellite that approaches the united states from the south polar region. another expert stated that north korea might use a satellite to carry a small nuclear warhead into orbit and then detonate it over the united states for an emp strike.
11:35 pm
now, considering the fact that it appears that north korea has had access to a design for super emp warhead for over a decade now, according to the russian experts that were accurate in their predictions of north korean nuclear tests two years later and the indicators of that test, that would suggest that it was a detonation of a super emp device, would you -- would you concur that it's possible or even probable that kms-4 is currently super emp armed? >> we're very concerned about that. you know, we don't know if they're nuclear armed or not, but we know kim jong-un is a high risk player. and we think the threat is intolerable to pose an
11:36 pm
existential threat to our society that passes over the country several times a day and has recommended that the satellites be shot down over a broad ocean area, over the arctic region so just in case they're salvage fused for emp, they would go off over an area that would limit the damage to humanity. yes, we're very concerned about that. >> would you assess, sir, that the emp threat is significant enough, the existent emp threat, specifically with regards to kms-4, would you assess that threat is significant enough to warrant legislation out of this body as suggested to this subcommittee, mandating the hardening of our grid and the shielding of our grid as you mentioned earlier in your testimony? >> well, absolutely. sir, even before the north koreans launched these satellites back in 2008, that was the recommendation of the emp commission because we feared exactly this kind of development. there are two satellites currently on orbit. one launched in 2012. they may launch them in the
11:37 pm
future. what they appear to be trying to do is create a constellation so they will in the near term always have a satellite in close proximity to north america. if we don't act to defend ourselves and/or take out those satellites, eventually, we'll be in a situation where we can't easily take the satellites out without the united states being at risk. >> thank you for your testimony. mr. chairman, thank you for indulging my time. i yield back. >> the chairman thanks the gentleman. deviates from protocol and in the interests of time recognizes the ranking member mr. correa for the beginning of the second round. >> thank you. question, mr. greene. in terms of north korean cyber attack motivation, undermining the u.s., do you think -- what's higher probability, them going after our critical infrastructure or stealing intellectual property from us? >> so with the lazarus group,
11:38 pm
which has been linked by the fbi to north korea, it's hard to say because they have not shown any limitation in what they're willing to do. they have gone after critical infrastructure. they have gone after financial. they have gone after intellectual property. the recent report that mr. cilluffo talked about is concerning because it shows this probing of the battlefield initial effort to get their way into electric systems. and we had a report not lazarus, a different actor just a couple weeks ago, about compromises of control systems at energy facilities. previously, we had seen this actor working on the back end management systems and two years after that, they moved on to control systems. so there clearly is an effort. the group that was reported publicly this week has been consistent with the lazarus group. so to see them moving into the electric grid and have public reporting on it suggests to me a renewed interest there, which is worrisome, and depending upon what outcome they want, you're going to get a better
11:39 pm
geopolitical outcome by going after the grid than after an intellectual property. >> following up on that train of thought, if you go after sony, if you go after bank accounts, you may be doing it out of a hotel room in japan or maybe somewhere in china. or now based on the fact that russian state-owned company transtelecom is now working with north korea, i mean, you could have those kinds of thefts directly and indirectly. they're kind of vague in terms of who did it and where the smoking gun is. but after you go after our power grid and you shut it down, that's a little more direct of an attack. that's kind of a declaration here. >> if you're trying to track back technically looking at who's doing it, it's going to be the same technical means to see where the attack is coming from. you rarely see the last hop to an attack actually come from the bad actor's computer. they're going to compromise someone else's computer. a lot of the attacks that happen
11:40 pm
in the u.s. that are based from overseas, the attacking computer is actually in the u.s. but it's compromised, it's a bot. from that standpoint it could come from anywhere. in terms of the motivations, we have seen the lazarus group over the past couple years focus on financial gain that has coincided with when the sanctions have gotten worse. the ransomware, wanna cry, there was some speculation if they really wanted to get money out of wanna cry. there's been a fairly robust debate in the media circles that i spend my days in. but what we saw in wanna cry it was originally miscoded to collect ransom. within i believe it was 13 hours they released a new version when they realized they weren't correcting ransom -- collecting ransom. that suggests to me that was actually an effort to get money and again, that coincides with the increase in the sanctions. same thing with the bangladesh bank and polish bank heist. there's been an uptick in the
11:41 pm
effort to get money. at the same time, that was soon after the sony attack. i guess what i'm saying perhaps inartfully is that this group works on multiple different attacks. multiple different goals. >> let me put down the question and ask you, you have seen those coordinated attacks coming. has our response worldwide been a coordinated offense like it was when we got the ransomware where most of the world reacted very quickly? do we have that kind of coordinated response to north korea? are they part of that, you know, folks that we're looking at to make sure they don't surprise us with these kinds of attacks? >> with respect to their main actor, lazarus group, yeah, there's pretty good coordination, public/private partnership. the wanna cry response was probably the best public/private partnership we have ever seen. we were on the phone with dhs and the white house friday night throughout the weekend connecting up our experts. they were sending us indicators of compromise for analysis.
11:42 pm
we were sending them back. there's a growing ability to coordinate in cyber response that is kind of like the snowball going down the hill over the last -- >> i would imagine the key to the coordinated cyber response is time. you have to do it almost instantly, in split seconds. >> when i first heard reports of wanna cry, i confirmed this was real. i shot out a couple e-mails to the white house, to dhs, and i got almost immediate responses. we were talking in a matter of minutes. the concern i would have is still somewhat relationship based. we need to have that happening not because these are folks i know and they know me. there has to be something more structured in place. >> thank you. mr. chair? >> the chair thanks the gentleman. i'm going to start the second round, which looks like it's going to be me. are you leaving? you've got to go? >> no comment. >> all right. so it will just be us. we'll have a good time together. let me start with mr. cilluffo
11:43 pm
and finish where we were heading there. the targeting of the united states energy companies and indicators. do you know whether we, the federal government, homeland security and related agencies, are aware of the indicators and are monitoring the indicators and are monitoring the indicato indicators, developing that intelligence so to speak? >> you know, in germany terms, mr. chairman, they are. and we recently, the federal government recently stood up ctic, the counterterrorism -- the cyber threat integration and intelligence center under the office of the director of national intelligence, which is meant to provide the situational awareness of all the overseas intelligence we may have and combining that with what we may have domestically. >> who is collecting domestically? >> fbi would have different indicators. but the private sector. they're the owners and operators.
11:44 pm
they're the ones with better insights into their own critical infrastructure, into their data, and into particular breaches. so it really is, we talk public/private partnerships and i have said long on nouns, short on verbs. we have been talking about it forever, admiring the problem, but we are starting to see genuine solution sets there. and i think this gets to the bigger set of questions. i mean, at the end of the day, the private sector is on the front lines of this battle, and very few companies went into business thinking they had to defend themselves against foreign militaries or foreign intelligence services. it's an unlevel playing field. how can the federal government provide information, but on the flip side, the private sector provide some of the solution sets, too. it's in where the two come together that the magic is.
11:45 pm
>> do you have -- do you have recommendations in that regard, regarding a governmental for the homeland in particular, understanding that the intelligence services may be handling foreign threats, but threats in the homeland, i'm a little uncomfortable, quite honestly, feel like we're laid a little bare, just counting on the private sector, which with all due respect, they're focused on their business and trying to make a living, right? >> absolutely. >> this isn't supposed to be their primary focus, but it seems like it should be one of ours. >> i think you should have a specific tiger team set up to deal with the dprk -- with the north korean threat in particular. we talk about cyber and cyber deterrence. you don't deter cyber. you deter actors from engaging in certain activity whether nuclear cyber or otherwise. i do think there is an opportunity to build a team here specifically. >> there's nothing currently you know of. >> i may be unaware. hopefully there is some activity inside the federal government. but is it as whole and wholesome as it needs to be? probably not.
11:46 pm
>> okay. fair enough. all right, is part of your name -- because i noticed mr. correa kept some of it silent. please tell me how you pronounce your name. i want to get it right. >> ruggiero. >> ruggiero. thank you. so you talked about the department must be publishing a vessel list regarding north korea. saying we think they have 40, but you're saying it's up to 140. it seems to me a bit odd, so it might be out of place, and you can walk me through it, is this the department of homeland's responsibility? should it be their responsibility? and under what kind of authority, i guess. then i want to talk to you about the 180-day grace period regarding sanctions. i'm not sure i understand that fully. if you could elaborate on those two things. >> sure, in the sanctions law that was signed by the president i believe in august, there are some authorities for the department of homeland security, probably would have to work with the treasury department in terms of vessel lists. the issue with north korea now
11:47 pm
is it's easy to identify vessels that have the north korea flag or the ones that visit north korea. but they are very good at deceptive practices in the commercial and financial sphere, where they use chinese and hong kong and other front companies, and we believe that that is some of what they're doing in the shipping sector, which makes it harder. so that's where that delta comes from. that's why we use the phrase, at least. there are other lists that are much higher than that. and so i think, you know, this is an area where my experience comes on the iran side, where we targeted iran's shipping sector and it was very successful. that's an area now that we're not doing enough on north korea. i think homeland security could help with that. they have some authorities that could be used. i think treasury department, state department, and the point on tiger team, we don't see that
11:48 pm
in the u.s. government sort of going at sanctions in this way. so i think there's some focus on it, but we need to have more. >> okay, and the 180 days? there's a prohibition or a restriction regarding the sanctions regime? >> that's the requirement. when the homeland -- department of homeland security has to make some of these judgments in the law. the point i was making is, you can do it earlier than 180 days. >> okay. do we know, and keeping with you, sir, do we know, you mentioned in your testimony the sale of nuclear materials, and i don't know if we're talking about equipment, et cetera, and also chemical. do you have any examples of those that we need to be aware of that we're maybe not aware of, at least on the committee? >> in terms of nuclear, the biggest case was in 2007, when israel destroyed a nuclear reactor in syria. there's been, you know, rumors that north korea exchanged nuclear material with libya. in that same timeframe. on the chemical weapons side, i detail in my -- briefly in my testimony about the syria connections, which are not
11:49 pm
linked to the more recent ones, but talking about chemical weapons, suits and other items. these are relationships that are very strong between syria and north korea. >> at least there's a documented history, maybe it's not updated or maybe it's not current from a known fact standpoint, but that might just be because we don't know yet. we haven't found out. >> given my experience is that, as i said, north korea will sell anything to anyone who is willing to pay. and you know, there was a time where we thought that nuclear was a line they were not willing to cross. and they proved that they were willing to do that. >> okay. excuse me just one moment. [ inaudible ] okay. mr. terrell, i know you've been -- you're almost exhausted with your participation here. blister and nerve agents, and i
11:50 pm
think the world, at least i do, fundamentally believe that vx was used on kim jong-un's half brother in malaysia. and you know, i have a little bit of military experience as well. my chief of staff is a chemical officer. and with that, those eventualities were very concerning to anybody who knows what they're seeing there. maybe -- first, let me ask you this. i don't know what your background is, but i want to get for the record and hear from you folks. conventional artillery. conventional. we have assessed the north koreans have as many as 10,000 conventional tubes pointed at the 25 million people living in seoul, 60 plus or minus miles away, right? and that is -- and nerve and blister agent or chemical agents are deliverable by conventional
11:51 pm
artillery, are they not? >> yes, sir, they are deliverable by conventional artillery, rockets, and short-range ballistic missiles. >> do you know, and can you comment on whether conventional artillery, rockets, missiles, et cetera, all require electronics or electricity to operate? >> not all of their tube artillery would. >> right, so that's just pulling the lanyard, right? it's down range. so that's a concern there. and they have sufficient stockpiles according to your testimony. or at least what i read and you didn't dispute. >> south korean minister of defense estimates between 2500 and 5,000 metric tons. >> right, so that's certainly enough for a first round exchange, right? what about deliverable from -- for a long distance. you mentioned rocket or ballistic missiles. this is literally something, let's take vx, deliverable by ballistic missile over a large
11:52 pm
population or large area? >> they could deliver vx or mustard blister agent by scuds. most likely targets for those would be places like pusan, look at stopping force flow into the theater. >> but we're not talking about -- in your opinion, we're not talking about those being used against -- >> the homeland by icbm, no. >> not the united states or united states territories. at least from that delivery system, right? if they chose to package that up, put it on a ship, put it on a plane, somehow deliver it to the west and use some other methodology, vx is a credibly pervasive -- it only takes a little bit to go a long way. they could use that if they so desired in some kind of attack in the homeland or somewhere, one of our territories or one of our significant allies, right? >> correct, yes. >> okay. mr. greene, back to this lazarus
11:53 pm
group. do you know how they were identified, and do we track them? how do we know -- do they identify themselves? do they claim responsibility for certain things? what's the story on these folks? >> they don't claim responsibility. what we do is we see hundreds of attacks, thousands of attacks every day. we classify them. we analyze them, and are able to compare snippets of code, techniques, code obfuscation, ip addresses. different techniques and able to group certain attacks. based on that, the first grouping i'm aware of is 2009. they were reported as being behind some service attacks. so moving forward from that, moving forward from that what we see is code reuse or other techniques and tools that are reused. >> that's how you identify them. >> correct. >> do they call themselves the lazarus group or is that our common terminology to describe them? >> that's our name and there are other names for the same group. for us, that's a large group
11:54 pm
that encompasses eventually all of the activity attributed to north korea. >> because you're attributing that -- those actions to different techniques and the markers that you already discussed, we don't know them by name, individual persons, or locations, or can we glean that at some point from the work that they're doing? >> it's getting harder. oftentimes, you can determine back to a location. we can often find with some high level of confidence a city or even a time zone where something is coming from. but that's through a variety of means. sometimes we can tell, they leave time stamps when they compile code. they work 9:00 to 5:00. a certain time zone may take holidays off. they have gotten better at hiding that. what we as a technology company have a hard time doing is seeing who is sitting behind the computer. we may know they're in a particular eastern european country, but what you see is an overlap, sometimes you have
11:55 pm
criminals working. sometimes criminals will work for the government. sometimes government workers will moonlight as criminals at night. sometimes you have these so-called hacktivist groups that will work for the government. we leave that last mile of attribution from intent, not something we can peer into. >> are these countries typically -- these are probably countries, i don't know, are they typically countries that are not necessarily openly hostile to the united states but not necessarily welcoming as allies in the fight against terrorism? or otherwise? can you characterize that either way? >> with the lazarus group, i would have to go back. i can get back to you. i'm not sure how well we have defined the actual origination point of the attacks or the code. we are grouping them, we're relying, as i said, on the u.s. government to tell us this is a north korean actor. we can tell with a high level of
11:56 pm
certainty that a number of attacks are the same. for instance, when wanna cry came out, we knew it was relatively quick, we had a high level of confidence this was lazarus. we didn't know that it necessarily came from north korea, but we knew this was the same actors for a bunch of different reasons. and that became more certain over time. so i don't know, and i can get back to you, that we can tell you specifically. and actually, i'm quite confident, lazarus, no one really knows who patient was with the bad outbreak of lazarus. that hasn't been resolved yet, but that's one that spread autonomously on its own. >> you're a private entity and you record your findings and work with the federal government and various agencies whether it's intelligence agencies or otherwise, regarding your findings, but you don't know if they go the last mile or not or do they ever report that to you? do you ever get feedback regarding your inputs to know
11:57 pm
that they were ever resolved or how does that work? >> split that in two. with respect to attribution to a nation state, very rarely i can think that we didn't find out by picking up the paper, looking online and seeing the government has attributed x to y country. we do get feedback on the quality of work we do and the assistance we have provided, going back to wanna cry because it's fresh in my mind, we got a lot of quick feedback from the government saying this was helpful. what do you think about that? that was uk also. working with other countries as well. we is a give and take on the technical level. and we were sharing our thoughts on where we thought it was coming from in terms of a connection to lazarus. we didn't get a, you're right, we agree with you on that. we just pass that part along. >> and you don't know whether treasury or any other federal government agency has pursued these individuals for prosecution or the host countries for
11:58 pm
notification/apprehension or investigation? you don't know any of that, do you? >> not with lazarus. with other groups, they have indicted chinese hackers, iranian hackers. extradited some from i believe ukraine, maybe bulgaria. we know of some actions and have assisted in some law enforcement actions, but with respect to lazarus, don't know anything. >> okay. we might ask you to comment further off the record in an effort to determine what can be done from your viewpoint. it's one thing to identify them. right? but there's -- in my mind, there's really, i mean obviously, there's a reason to identify them, but if you skip the next series of steps where you go get them or deter them through the host country that may even -- they might be victims as well, right? but if we know and we don't take the next steps, i mean, that's pretty foolhardy. we have spent the energy and the time and the money, and then we're moving on to the next threat, right, which is coming
11:59 pm
momentarily. >> from our perspective as a company looking to protect ourselves, our customers, we're more focused on the how than the who. the who sometimes informs us. there's one thing you might find interesting. there was a group of security companies who got together a couple years ago for something we called operation blockbuster, which was a joint effort to go after lazarus, to try to degrade their efforts. sharing a lot of telemetry across different companies. that's the kind of thing going to what mr. cilluffo was talking about, you see a lot of security companies were competitors but we also were all working toward the same end. with some degree of success. it is the proverbial marathon, not the sprint. >> sure. and while you may be looking more at methodology than the -- the what as opposed to the who, i think the federal government has to be looking at both and we're glad you're looking at and your expertise might be in the what but we have to i think be interested in the who. you can't be, right? you're not a law enforcement agency. but the federal government is. okay. dr. pryor.
12:00 am
why did i write louisiana projects on my notepad? >> oh, probably because that's a project that the emp commission launched in cooperation with the department of homeland security to develop a plan to protect the to develop a plan to protect the louisiana electric grid. captioning performed by vitac have to keep studying the problem for years and years, that we know how to protect the grid now. we can do it now, do it in a cost effective way, and the people of louisiana actually, they're the ones who took the initiative through their louisiana public service commission, to act secretary kelly, who was then the secretary of homeland security to help them come up with a plan to protect the louisiana electric grid, and dhs is currently doing that. it's already done some good work. what we want to end up with is a detailed blueprint that they could actually implement in a cost effective way that will
12:01 am
prove to those who disagree with emp commission that we can do the job now. we can do it with the current technology, and it can be done cost effectively. >> and we don't have a detailed blueprint at this time? >> not yet. >> what's it going to take to complete it? >> it's going to take some time, for one thing. right now, dhs, the people who would normally be working on the plan are helping out in puerto rico right now, so that delayed it. okay, but it will take, once they are over that and they can focus on this plan, it will take three to four months and dhs has been putting 300k into it, it would have been good to have another $170,000. the emp commission was going to kick that in, but now we're out of business so we weren't able to do that. for less than -- it could probably be done for the 300k. >> you said it's a matter of months. understanding and agreeing that we get past the situation, the disaster in puerto rico and getting those folks back in power, et cetera.
12:02 am
about a month there. and less than $200,000 or something like that. why is the emp commission out of business? >> well, we were scheduled legislatively, that's a good question. and complicated one. under our charter, commissions typically last about 18 months. all right. and so we reached the end of our life. and nobody asked the commission to be extended. the department of defense didn't, the department of homeland security didn't. you know. >> does that take legislative action as far as you know or something that can be done from a regulatory side? >> it would take legislative action to continue the emp commission or it could be done by the chair -- i think the chairman of the committee, for example, chairman johnson asked about the power of the chairman of the committee to basically continue or establish a commission. he wouldn't be able to pay for it on his own. he would have to have the cooperation of the chairman of the senate appropriations committee if it was to be
12:03 am
appointed. however, i could tell you, emp commission has been working for 17 years pro bono. commissioners do not get paid. i haven't been mostly paid, so you know, we're used to working for nothing. >> okay. i, like mr. higgins, am concerned -- i didn't realize ms. jackson lee is here, so i'm going to suspend my questions. i'm going to come back to you, dr. pry. but i'm going to recognize ms. jackson lee for her questions. >> mr. chairman, thank you very much. and to the witnesses, thank you for yielding to me. this is a very important discussion. i wish i could spend the time that the chairman has now spent, but i know that we'll have a very extensive record and appreciate you for that. let me just go directly to mr. greene and pursue recent reports about north korea's capacity for attacking the grid.
12:04 am
we understand, those of us who have been on the committee, i chaired the transportation infrastructure committee and cybersecurity. i have seen all the nuances of homeland security and national security. and we now have a new hurdle, and i think one of the most difficult and challenging parts of the hurdle is that 85% plus of our critical infrastructure is in the hands of the private sector. so what capacity does north korea have in the attack on the critical infrastructure? what would be their inclination? what i suspect they would say, let me drop my other options and this looks like this is either more fun or more devastating or far reaching impact or i can readily see how the impact is. what is your assessment on that, and what's your assessment on
12:05 am
our protection against it, and what's your assessment on our steps to address something like that? >> so i would say the reports that came out in the past week have been about really the first steps of an operation to implicate the grid and the reports that i saw were by the group that we call lazarus, spearfishing e-mails, attempts to get a bridge head on control systems, i'm sorry, any systems these energy facilities, most reports have said they have been unsuccessful, but cyber can be like seeing one bug in your house, where there's one, there's usually a lot that you can't see. so that suggests to me there's a lot of other activity going on. cyber is one of those things where you really are subject to the weakest link theory. eventually, they're going to find a way onto some system. that goes also to your question about the preparation of the grid generally. there are a lot of companies that have taken significant steps in recent years.
12:06 am
nerk did take a long time to get regulations out, but they're being followed. but the problem is you do have over 300,000 different utilities and you don't need to compromise the biggest to have some kind of impact. in terms of whether they're there yet, i haven't seen evidence to sunl they have actually gotten onto the control systems. we have seen that with other different actors, but not yet with lazarus. doesn't mean they're not trying. one thing that may be in our favor is 6,000 sounds like a big number of cyber warriors, so to speak, but it is not as big as some other countries, and control system knowledge, the ability to compromise control systems is fairly specialized. i don't know yea or nay whether they have that. very will could be trying to develop that, but there are a lot of hurdles they have to go through. as with the progress we have seen with nuclear and elsewhere, it's not going to stop them from trying. i hope i answered the breadth of
12:07 am
your questions. >> do you think we're a year away, months away, years away in terms of their capacity to hack a very, very vital network here in the united states? we are sophisticated. we are dependent on technology. our power grid is in varying states of repair or disrepair. and our technology is questi questionable in light of the private sector ownership as to whether the sufficient nlt firewalls are there. you mentioned the concept of breaching someone's, i call it the technological wall, in that there is that kind of activity going on. where do we need to be in terms of the government? i believe we should not be in a voluntary mode of getting the private sector to be required to document that their systems are secure. we don't have a requirement of
12:08 am
secure documentation. and to take down our grid is weaponry. so how far away are they from that? >> i don't know the specifics of their capabilities, but i can draw an analogy to this group, the dragonfly group, even extremely sophisticated. we saw them take about two years to go from management systems back end systems to control systems. we detected them on those systems earlier this year. so depending upon the level of experti expertise, it could take them, it also depends on luck. they find the right vulnerable system and the right human frailty, they could get on sooner. just being on the system wouldn't be enough. you have to have a certain amount of knowledge of the energy grid, but one thing we have seen lazarus to be quite good at is the reconnaissance element of the operation. i suspect what we saw reported earlier this week is the
12:09 am
proverbial tip of the iceberg of the efforts going on. >> you believe there is a will and they're making a way, meaning they will be interested in doing this. this would be one of the elements they would find attractive in terms of attack on the united states or any other country that they're at odds with? >> yeah, and i think they're not alone in that. there are other major likely nation state actors looking to get on the beachhead onto the systems. the question becomes at that point, we talked about the intent and understanding of the implications of doing it. with respect to dragonfly, we have reported that there are no technical limitations left for them to be able to cause impacts, significant impact to energy operators. the bridge they would have to cross is a willinginize to do it, understanding the implications to themselves and their own economies and potential retaliation. >> you think russia would have any collaboration on this since they would engage with power attacks in ukraine? >> i just don't have any
12:10 am
knowledge on that. i'm sorry. >> mr. chairman, would you yield me a few more minutes? appreciate it. >> madam. >> thank you. i see a head going on, dr dr. sulafo. do i have it almost right? >> close enough. i have been called much worse. >> to read it from this distance. this is something that i think -- i'm beginning to believe that there are some elements of business choices and the respect we have for the capitalistic system that requires our very keen study and one of them is the infrastructure of cyber that's in the private sector and what firewalls that have an overwhelming impact. so i yield to you and i want to go to mr. terrell on another matter. >> ms. jackson lee, thank you for the question. i think you raise an important
12:11 am
point here. firstly, not all critical infrastructure is equally critical. when you get to the most critical, those that affect our so hp called lifeline sectors that affect public safety, national security, and economic security, the grid is top of the list. i don't care how robust everything else is, if you don't have power, it's kind of futile. >> there you are. >> so yes, they are a unique set of entities. on the russia side, what they demonstrated boat in 2015 and 2016, a rubeicon was crossed in that case. we all thought woulda, shoulda, coulda, those were threats, but in this case, they intended to signal a capability because they followed up the disruptive attacks with a denial of service attack. basically an in your face, ha-ha, we got you response to the first attack. the reason i jumped into this
12:12 am
fray was because obviously, north korea is dependent upon china for much of its support and the like. but you're slowly starting to see russia fill that breach. in fact, there was a russian company that just moved in to provide internet access service to north korea since the chinese capabilities have been minimized. they have back end capabilitiec, so i do think you've got a bigger set of issues here. there is quite a bit of chatter that russia has been supporting and working, whether the state or whether through its proxies, organized crime, hard to discern who's behind the clickety-clack of the keyboard, but there is a lot of interest there. and this comes to a point, mr. chairman, you brought up earlier. one of the most vexing challenges is that you are -- there are digital safe havens. a vast majority of these bad actors are playing in china and russia. and we have -- we lack
12:13 am
extradition treaties with both of these countries. and the reality is that we have to get more and more creative to be able to extradite them when we go to countries that the u.s. does have cooperative relationships. this issue, as complex as it is, the cyber issue can't be seen in isolation of all of these other matters because it really is about the safe havens and russia and china are there. i think russia is filling the breach that china has been abrogating in north korea. >> well, he's given me, i can look in his direction because his gavel might be moving. i'm going to take the time, i'm glad he had this hearing. i think you should give us maybe in writing our marching orders, and don't think i'm asking you to be presumption. you said safe havens. i would like five points for the record, if you have five points you can say quickly, the safe havens. i'm concerned about the vastness of the private sector in these
12:14 am
critical areas you talked about, and the firewall that we have, it's in the private sector. we have voluntary, if you call us, we can come. what more can we do that strengthens their protection if in fact their own internal systems are not where they need to be? because this is national security issues with another country hacks x, y, z dealing with the power grid or hospitals or research. it's very important. >> is that a qfr, a question for me to follow up on or -- >> give me one because i'm going to go to the professor. >> so this is not -- it's not to punt the issue, but quite honestly, i don't think we're ever going to firewall our way out of this problem. by that, i mean the initiative remains with the attacker, so if you think of it in the traditional red/blue military kind of environment, we have to shape the environment so it's in
12:15 am
our best interest. so it's not to abrogate all the cybersecurity responsibilities, but the initiative will always be with the attacker. the attack surface is growing exponentially. every day, it grows and security still tends to be an afterthought when we think of the internet of things and the network devices that are coming onboard, we're never going to simply be egg to firewall our way out of this problem. i feel the private sector has been given an unfair -- they're defending against nation states. so we have to -- we have to level that playing field. and without going into a totally different direction, i think we need to be a little more proactive in shaping the environment so it's in our best interest. >> thank you. i just need to be pursued along other lines. i have probably a different view, but i thank you for that view. and the safe havens is something we need to ascertain. i want to get to the question of
12:16 am
north korea's danger to the homeland. and maybe get you to -- first of all, let me say that i am a proponent of the nonnuclear agreement with iran, and you might offer to comment on the idea of first of all, that doesn't mean that you do not look at the compliance and other elements that may need to be of concern. that is not a blanket. that is a vigilance on the other elements of iran's terrorism propping up assad and other things. when you look to the agreement, you have to look to the four corners of it, whether or not there is compliance, whether there's access, and all of those at this point have not been negated. but i think the point that i want to raise is if you can ascertain, if you said it, please forgive me, but i would like to hear it, where north korea is right now in their
12:17 am
capacity, and i don't want the news articles. they can get to alaska or here, whatever. their head of government chooses to say on any given day. but your ascertaining his, where he is, where the country is and the likelihood of his efforts, if you will. that would be helpful. >> yes, ma'am. with respect to a difference between iran and north korea, quickly, we have to deal with every country and every threat in the unique situation that that threat exists in. so iran doesn't match perfectly to north korea. north korea doesn't match perfectly to russia. so approaching each one tailored to that threat is important. so where north korea sits with their willingness and ability to attack the homeland today using nuclear or chemical weapons, you
12:18 am
know, the nuclear program, he has an ability to employ nuclear weapons today. it's a matter of where can he employ them and when and why would he employ them. so in understanding north korean rationale, they're an extremely rational actor. from their perspective. they do things that are in their national interests. in solidifying his security as the head of state, in solidifying his security within the region. and he has a population surrounding him that almost nobody remembers a time when the kim family was not in charge. for 67 years, they have all been told, everything that is wrong in north korea is the americans' fault. so when pushed into a corner, he will have reason from his
12:19 am
perspective, he can create a rationality to attack. he -- if he feels he needs to. he's going to try to deter us because he still has two operational regional objectives to try to accomplish. the family has always said, unification of the korean peninsula is important. so can he do that in such a way where he can keep the united states from not supporting the republic of korea and not supporting japan? and keep japan out of a war. and can he do this either/or if he can't reunify initially, can he reach an actual peace treaty on the peninsula that solidifies his position, because in solidifying his position with just a peace treaty can say i have finished what my grandfather started. and he sets himself up for long-term control in north
12:20 am
korea. which is why a global campaign pressure or pressure campaign that cuts off funding from the outside, cuts off support, weakens that position. so the challenge becomes, can he attack us? yes. can he attack us effectively yet? he's almost there. and the north koreans have also demonstrated they're not nearly as interested in the actual precision that we may be interested in. if he can attack seattle, does he care if he can attack directly at and hit directly on top of the space needle? no. but if he can hit seattle, he can hit seattle. if he can hit the united states, he can hit the united states. so his threshold of use will probably may be lower than us. his threshold of accuracy will be lower than ours. so we're not -- we may not be there tonight. we may be there next week. or we may be there next month, but we're at the point where he's going to have the ability
12:21 am
to attack the united states and with an intention of killing americans. you know, just hurting us a little bit isn't as important to him as it is killing us. in north korea, they remember, the u.s. bombing campaign during the korean war was there's two bricks stacked on top of each other, united states is going to destroy those two bricks. they're going to want to inflict as much damage as they possibly can if they attack. >> will the gentle lady yield? i have a hard stop. >> i would be happy to yield. mr. chairman, could he be allowed to say the one action to stop that? i would be happy to-year-old. what is our action? other agreements being abandoned? we don't have an opportunity at diplomacy, but go right ahead. >> you know, the overall means of dealing with north korea today, we're at this point where we have to continue the pressure
12:22 am
campaign, we have to demonstrate our resolve, and we have to be able to talk to them. and it may not actually end up being a negotiated solution, but over the entire course of the cold war in deterrence with russia, we talked to the russians. we talked to the soviets. they understood our message. we understood their message. we have to have those means of being able to talk to the north koreans. so we can have an effective deterrent while we get to a solution that hopefully does not include going to war. >> the chair thanks the gentle lady. >> dr. pry, i want to finish up with you if i could. i, too, like mr. higgins am concerned and interested in the satellite array and the capabilities therewith that north korea has. can they potentially launch an emp device from one of those
12:23 am
satellites? and is it something that's launched from the satellite? does the satellite come out of orbit? does the satellite deploy something? house does that work? >> we're concerned because the satellites, the orbit, the trajectory, the purpose of this resembles this secret women the soviets came up with in the cold war. and basically, the satellite has a nuclear weapon inside of it. and you orbit the satellite so it's at the optimum altitude already for putting an emp -- >> you're saying it's currently there now? >> yes, it is, and it passes over us several times a day at that place. all you have to do is det nade it when it arrives. because we don't have ballistic missile early warning radars facing south, we're blind defenseless from that direction, which is why it's on a south polar orbit. now they have two of them there. i find it -- we might have actually seen a dry run of a
12:24 am
north korean total information warfare operation back during the 2013 nuclear crisis we had with north korea after the third nuclear test. you know, that was on april 16th, 2013. you know, it coincided with lots of cyber activity attacks from north korea, but that was the day of the metcalf transformer shooting. okay, we don't know who did that, but when the people who train the u.s. navy s.e.a.l.s went in there, they thought it was a nation state operation. this was done the way the s.e.a.l.s would have done it in terms of all the techniques. and on that very day is the day the kms-2 passed over washington, d.c. and new york city. you had events that threatened the western grid and the eastern grid simultaneously on that day. we don't know if it was north korea that did metcalf, but for sure, that was their satellite passing over washington, d.c. and the new york city corridor. >> so the two satellites they have right now, they apparently
12:25 am
one at least passes over new york city, the east coast, new york city, washington, d.c., and the other one? >> well, they actually -- they pass -- every time they do an orbit, do an orbit they pass another 90 miles to the east so there are times -- >> i see. >> -- when it's right over to center of the united states and passes over the eastern -- >> and times that are potentially none. >> yes. >> but your testimony indicates they would like to fill the array so there's ever one present. >> right. it used to be that basically would have to wait 90 minutes. all right. now it's ha 45 minutes. >> and we don't know what's in the satellite. >> we don't. according to the north koreans' official position it's an earth observation satellite for peaceful purposes, but then kim jong-un and north korean press have actually included it in their descriptions as part of their nuclear deterrent, and there are quotations from them to that effect. >> wn


info Stream Only

Uploaded by TV Archive on