House lawmakers urge Biden administration to defend U.S. against North Korean cyber onslaught
House lawmakers are urging the Biden administration to take action to protect Americans in response to new details of North Korean hackers targeting U.S. officials first reported by The Washington Times.
A slew of current and former U.S. officials, media executives and national security researchers are targets of the North Korean cyberattackers. Using sham emails to impersonate American officials is a key tool of the hackers tied to North Korean intelligence, The Washington Times learned in interviews with more than a dozen current and former national security officials.
House Foreign Affairs Committee Chairman Michael McCaul said the regime of North Korean leader Kim Jong Un is a dangerous and malicious cyber actor that the U.S. and its allies must combat.
“The Biden administration’s national cybersecurity strategy released in March must go further than words and have concrete actions that, among other things, ensure the security of our networks and systems,” Mr. McCaul, Texas Republican, told The Times in a statement. “The U.S. government should continue partnering with the private sector and attribute these attacks as quickly and correctly as possible.”
The Biden administration is refining its strategy to counter the North Korean threat. The U.S. partnered with South Korea to issue a cybersecurity advisory on Thursday warning of social engineering and hacking emanating from the North Korean attackers.
Some lawmakers are dissatisfied with the Biden administration’s cyber posture.
Rep. Mike Gallagher, Wisconsin Republican, said the North Korean hacking threat underscores the need for President Biden to fill the National Cyber Director position left vacant in February.
Mr. Gallagher leads the House Armed Services subcommittee on cyber and he wants Kemba Walden, the acting National Cyber Director, formally installed so the government may act swiftly to combat the North Korean threat.
“North Korea’s threats and intimidation tactics don’t stop with their missile systems — they also extend to the cyber domain and require us to move with a sense of urgency to protect our people and assets,” Mr. Gallagher said.
The North Korean hackers’ targets involve a range of experts focused on North Korea. Joseph DeTrani, a former CIA official and diplomat who represented the U.S. in talks with the North Koreans, previously told The Times he learned in recent months that the hackers had targeted and impersonated him.
The administration is working to alert the wider public about North Korea’s cyber threat to the U.S. The National Security Agency, FBI and State Department partnered with South Korean agencies in warning of North Korean hackers using social engineering and malware to attack think tanks, academia, and the news media.
The NSA told The Times on Tuesday that North Korean cyber actors are continuing to impersonate legitimate sources to gather intelligence on geopolitical events, foreign policy strategies, and negotiations involving the country’s interests.
“North Korea relies heavily on intelligence gained from these compromises,” an NSA spokesperson said. “These actors prey on vulnerable targets with less defensive resources.”
The NSA said it encouraged people to follow the recommended mitigation measures outlined in its cybersecurity advisory, which also directs people who believe they may have been targeted to contact the FBI’s Internet Crime Complaint Center. The NSA spokesperson said the State Department is also engaged with victim groups and foreign officials to raise awareness.
America’s process for detecting and countering foreign cyber threats may undergo new scrutiny.
The cybersecurity firm Mandiant and its parent company Google have been involved in identifying the nature of the North Korean threat.
Rep. Ken Buck, Colorado Republican, urged the federal government to be cautious when working with Google on cybersecurity. As cause for concern, he cited Google’s reported decision not to renew a contract with the U.S. military in 2018, and Sen. Josh Hawley’s questioning in 2020 of Google-owned YouTube’s alleged censorship of criticism of China.
“The United States should tread carefully when outsourcing critical components of our national security apparatus to a company that has a history of refusing to work with our brave men and women in uniform and has repeatedly chosen to play defense for the CCP,” Mr. Buck said. “I look forward to learning more.”
Google did not respond to a request for comment.
The FBI and the National Counterintelligence and Security Center at the Office of the Director of National Intelligence declined to comment and referred The Washington Times to the U.S. agencies’ cybersecurity advisory published with South Korean government agencies last week.