[House Hearing, 114 Congress]
[From the U.S. Government Publishing Office]

                       THE NORTH KOREAN THREAT: 
                      NUCLEAR, MISSILES AND CYBER



                               BEFORE THE

                      COMMITTEE ON FOREIGN AFFAIRS
                        HOUSE OF REPRESENTATIVES


                             FIRST SESSION


                            JANUARY 13, 2015


                            Serial No. 114-2


        Printed for the use of the Committee on Foreign Affairs


Available via the World Wide Web: http://www.foreignaffairs.house.gov/ 
                         U.S. GOVERNMENT PUBLISHING OFFICE 

92-556 PDF                     WASHINGTON : 2015 
  For sale by the Superintendent of Documents, U.S. Government Publishing 
  Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; 
         DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, 
                          Washington, DC 20402-0001                              
                      COMMITTEE ON FOREIGN AFFAIRS

                 EDWARD R. ROYCE, California, Chairman
ILEANA ROS-LEHTINEN, Florida         BRAD SHERMAN, California
DANA ROHRABACHER, California         GREGORY W. MEEKS, New York
STEVE CHABOT, Ohio                   ALBIO SIRES, New Jersey
JOE WILSON, South Carolina           GERALD E. CONNOLLY, Virginia
MICHAEL T. McCAUL, Texas             THEODORE E. DEUTCH, Florida
TED POE, Texas                       BRIAN HIGGINS, New York
MATT SALMON, Arizona                 KAREN BASS, California
DARRELL E. ISSA, California          WILLIAM KEATING, Massachusetts
TOM MARINO, Pennsylvania             DAVID CICILLINE, Rhode Island
JEFF DUNCAN, South Carolina          ALAN GRAYSON, Florida
MO BROOKS, Alabama                   AMI BERA, California
PAUL COOK, California                ALAN S. LOWENTHAL, California
RANDY K. WEBER SR., Texas            GRACE MENG, New York
SCOTT PERRY, Pennsylvania            LOIS FRANKEL, Florida
RON DeSANTIS, Florida                TULSI GABBARD, Hawaii
MARK MEADOWS, North Carolina         JOAQUIN CASTRO, Texas
TED S. YOHO, Florida                 ROBIN L. KELLY, Illinois
CURT CLAWSON, Florida                BRENDAN F. BOYLE, Pennsylvania
REID J. RIBBLE, Wisconsin
DAVID A. TROTT, Michigan
TOM EMMER, Minnesota

     Amy Porter, Chief of Staff      Thomas Sheehy, Staff Director

               Jason Steinbaum, Democratic Staff Director
                            C O N T E N T S



The Honorable Sung Kim, Special Representative for North Korea 
  Policy and Deputy Assistant Secretary for Korea and Japan, U.S. 
  Department of State............................................     5
The Honorable Daniel Glaser, Assistant Secretary for Terrorist 
  Financing, Office of Terrorism and Financial Intelligence, U.S. 
  Department of the Treasury.....................................    22
Brigadier General Gregory J. Touhill, USAF, Retired, Deputy 
  Assistant Secretary for Cybersecurity Operations and Programs, 
  U.S. Department of Homeland Security...........................    28


The Honorable Sung Kim: Prepared statement.......................     8
The Honorable Daniel Glaser: Prepared statement..................    24
Brigadier General Gregory J. Touhill, USAF, Retired: Prepared 
  statement......................................................    30


Briefing notice..................................................    72
Briefing minutes.................................................    73

                       THE NORTH KOREAN THREAT: 
                      NUCLEAR, MISSILES AND CYBER


                       TUESDAY, JANUARY 13, 2015

                       House of Representatives,

                     Committee on Foreign Affairs,

                            Washington, DC.

    The briefing was held, pursuant to notice, at 10:10 a.m., 
in room 2172, Rayburn House Office Building, Hon. Ed Royce 
(chairman of the committee) presiding.
    Chairman Royce. This briefing will come to order.
    As the members here know, we are not going to be able to 
formally organize until next week, but I very much appreciate 
the ranking member, Mr. Engel, his cooperation in beginning 
this process of holding today a briefing so that we can get 
started on the many pressing issues that we face, and I look 
forward to meeting next week to formally organize the committee 
and discuss how all of us can work together in a bipartisan way 
in order to advance U.S. interests around the world.
    And one of the things I have enjoyed about working with 
this committee is the way Mr. Engel and myself and the members 
here on the committee have been able to advance the idea that 
we work on a consensus and then move that forward with one 
voice overseas, and I think that amplifies the message from the 
United States.
    But the issue that we are discussing today, North Korea, is 
one where for years the United States and our allies have been 
rightly concerned about the threat from North Korea's nuclear 
missile programs.
    Mr. Sherman and myself remember very vividly the situation 
of proliferation by North Korea with respect to the transfer of 
that capability into Syria and, on the banks of the Euphrates, 
a weapons program being developed there as a consequence of 
North Korea, and for years we have watched that program grow.
    And now this brutal regime has added a new weapon to its 
arsenal, which is cyberattacks, and the state-sanctioned cyber 
attack on Sony pictures underscored three unchanging facts 
about North Korea: First, this rogue regime has no interest in 
being a responsible state.
    Second, while Kim Jong Un continues to carry out human 
rights abuses around the world and by carrying out attacks, for 
those of you who remember some of the exercises that the North 
Koreans have taken offshore, as well, most importantly, of what 
they have done to their own people.
    The way in which a country treats its own people will 
sometimes tell us how they will treat others. The current 
President of South Korea, her mother was assassinated by North 
Korean agents.
    So, we looked at that U.N. report that was recently filed, 
after the evidence and interviews with many of the survivors, 
defectors out of North Korea, this was the conclusion of the 
report. The United Nations has found no parallel in the 
contemporary world for the treatment of people in North Korea. 
That is quite a statement.
    And in the meantime, of course, instead of assisting that 
population, the resources that North Korea gets its hands on 
continues to go into its nuclear and missile systems and, of 
course, cyber weapon capability as well.
    And third, the third point, North Korea's weapons are not 
merely for show. We and our allies in Northeast Asia are facing 
a brutal and dangerous regime, one that not only is trying to 
miniaturize nuclear weapons to put them on ICBM's, but also 
one, as I said earlier, that has been involved in the past in 
central Asia and in the Middle East in proliferating these 
different types of weapons, missiles and other types of 
offensive capabilities as well as nuclear weapons capability.
    So North Korea's growing cyber capability emerged most 
starkly in 2013. Our ally, South Korea, suffered a series of 
cyberattacks that temporarily brought down some of the 
commercial and media networks, it disrupted banking systems. 
The hackers called this Dark Soul, but in particular what they 
were able to do was to shut down the banking systems in parts 
of the country, shut down the ATM systems and so forth.
    Despite limited internet capability in North Korea, the 
fact is that there is an elite cyber ware warfare unit the 
defectors have told us about, Bureau 121, which was traced back 
as the source of these attacks on South Korea. And some of the 
expertise was obtained overseas by sending them to other 
countries for training, but certainly that capability was 
deployed against South Korea.
    And last year's cyber attack is estimated to have cost Sony 
hundreds of millions of dollars in damage. It was a state-
sanctioned attack that has many Americans asking, ``If that is 
what North Korea can do to a movie company, how vulnerable is 
our critical infrastructure, how vulnerable is our electric 
grid?'' You know, what if electricity was cut off? I mean, that 
obviously could be a dark chapter.
    Earlier this month the administration announced long 
overdue sanctions targeting officials and front companies of 
the North Korean Government. And I am glad the administration 
has described this as just the first aspect of its response, 
because many of those individuals who were blacklisted had 
already been targeted by U.S. sanctions.
    But the significance of this new Executive order may come 
from the broad power it gives the President to target anyone 
who is a part of the North Korean Government or is assisting 
them in any way, that is, if the administration chooses to use 
it to its full advantage.
    We need to step up and target those financial institutions 
in Asia and beyond that are supporting the brutal and dangerous 
North Korean regime. Such sanctions have crippled North Korea 
in the past. For those of us who remember the consequences on 
Banco Delta Asia being sanctioned, and left the regime unable 
to buy the loyalties of its generals at that time, who could 
not be paid.
    This committee has been focused on the North Korea threat 
for years, bringing attention to the regime's human rights 
abuses, its illicit criminal activities, its growing nuclear 
and missile programs, and helpful scrutiny of North Korean 
nuclear negotiations.
    Indeed, last Congress the House passed legislation that 
Ranking Member Eliot Engel and I authored to ramp up the 
financial pressure on North Korea, pressing for North Korea to 
be designated a primary money laundering concern, as has been 
done with Iran, curtailing its sale of weapons and stepping up 
inspections of North Korean ships, among other steps. 
Unfortunately, the Senate failed to act on this critical 
legislation before it adjourned, but we will soon try again and 
give the Senate a chance to join us in tackling this growing 
    And I will now turn to the ranking member for his opening 
    Mr. Engel. Thank you very much, Chairman Royce.
    Thank you for calling this briefing on the threat that 
North Korea's nuclear missile and cyber capabilities pose to 
our national security and that of our friends and allies in the 
Asia Pacific region.
    I want to on a personal note say that I commend your strong 
leadership on this issue, and it means a great deal that this 
briefing is the very first item on our committee's agenda in 
the 114th Congress.
    I look forward to working with you and the rest of our 
colleagues to address this challenge and to continue working in 
a bipartisan and productive way in the year ahead, and I want 
to second what you said. It is very important for us, whenever 
possible, to have one voice in international affairs. It 
strengthens us, it strengthens us around the world, and that is 
what we have tried to do in this committee.
    So you and I, Mr. Chairman, have introduced joint 
legislation, we have written joint pieces, joint op ed pieces, 
we have done joint letters to officials, and I believe that we 
have gotten the biggest bang for the buck because we have shown 
unity on this committee.
    One of the things that I have noticed is when I go overseas 
and we take a bipartisan delegation along, our differences 
really, really narrow, because we are all Americans and we all 
love this country, and I think it is very important. I think 
this committee leads the way in terms of the way Congress ought 
to govern in a bipartisan fashion.
    So I want to thank you, Mr. Chairman, for all you do to 
ensure that that continues.
    I also want to thank our witnesses for their service and 
for their testimony today.
    The recalcitrance, cruelty, and unpredictability of the Kim 
regime makes North Korea one of the toughest challenges we face 
on the global stage. The last three administrations, Democratic 
and Republican alike, have attempted to address the problem of 
North Korea's nuclear program. Unfortunately, very little 
progress has been made. Despite a long list of sanctions, North 
Korea is no closer to denuclearization today than it was 
several decades ago; rather, North Korea has continued to 
develop its nuclear, conventional and cyber capabilities at an 
alarming rate.
    Already North Korea has a significant arsenal of short-
range missiles that could reach South Korea and Japan. Most 
troubling to me is the continued development of North Korea's 
medium and long-range missile capabilities. They may be 
unreliable today, but some of these missiles could eventually 
pose a threat to Guam, Alaska or even the west coast of the 
continental United States. And some believe that North Korea 
has aspirations to build submarines that could carry these 
missiles even closer to American shores.
    North Korea appears to be working toward a miniaturized 
nuclear warhead that could be mounted on intermediate and long-
range missiles. I was concerned by comments made in October by 
the commander of U.S. forces in Korea that at this moment, 
North Korea may possess the ability to miniaturize a nuclear 
    And based on recent events, it is clear that North Korea's 
aspirations do not stop at conventional or even nuclear 
weapons. The Kim regime is wielding 21st century weapons as 
well, and has quietly developed an offensive cyber capability.
    Like many others, I was deeply disturbed by the cyber 
attack on Sony that took place in November, an attack that was 
not just disruptive, but also destructive. Agents working for 
the North Korea regime vandalized, threatened and coerced a 
company operating in the United States. This attack and the 
ensuing threats of violence were a perverse and inexcusable act 
by the North Korean Government.
    As I said then, no one, especially an entity operating in 
the United States, should feel that they must cede their rights 
to operate within the law because of veiled threats from rogue 
    I look forward to the witnesses, to hearing how each of 
your departments is dealing with this threat, are you engaging 
with the private sector? Are you ramping up information sharing 
and collaboration across agencies? Are you putting safeguards 
in place to ensure that these kinds of attacks will not be 
successful in the future? I look forward to hearing about your 
progress in these areas.
    There is no international agreement or clear definition of 
what constitutes cyber war or cyber terror, yet, it is clear 
that cyberattacks can cause destruction of property, stoke 
fear, intimidate the public, or even bring about the loss of 
life that could be as serious as conventional acts of war or 
    We must assure that North Korea's cyber capabilities and 
the cyber capabilities of other state-sponsored and rogue 
actors do not threaten our citizens, our businesses, or our 
national security. I would like to hear the witnesses' 
assessments of these risks and our ability and the ability of 
allies and partners to effectively defend against them.
    Finally, let's remember that the greatest threat the regime 
in Pyongyang poses is to its own people. I have visited North 
Korea twice myself--Mr. Wilson of this committee was with me on 
one of the trips--and I still remember the incredible 
uneasiness that I felt being in a place where absolute power is 
consolidated among a very few and where the rest of society is 
systematically and brutally oppressed.
    For years we have heard reports about the abuses endured by 
the people of North Korea, torture, starvation, forced labor 
and execution. A recent United Nations Commission of Inquiry 
report confirmed these reports, calling the North Korean regime 
responsible for systematic, widespread, and gross human rights 
violations, including what they said was crimes against 
    The chairman and I share a deep commitment to addressing 
the injustices endured by the North Korean people. So we face a 
delicate balance: Holding the Korean leaders who perpetuate 
this violence accountable while recognizing the need for basic 
support for the North Korean people. Maintaining that balance 
makes our work on North Korea all the more critical and all the 
more difficult.
    So I look forward to hearing your perspectives on this 
issue, and I thank you for joining us today.
    Thank you, Mr. Chairman.
    Chairman Royce. Thank you, Mr. Engel.
    This morning we are joined by representatives from the 
Department of State, from Treasury and from Homeland Security.
    Ambassador Sung Kim is the Special Representative for the 
North Korea Policy and the Deputy Assistant Secretary for Korea 
and Japan. Previously he served as U.S. Ambassador to the 
Republic of Korea and he was the special envoy for the Six-
Party Talks.
    Honorable Daniel Glaser, prior to his confirmation as 
Assistant Secretary for Terrorist Finance in the Office of 
Terrorism and Financial Intelligence at the Department of 
Treasury, he served as the first director of the Treasury's 
Executive Office of Terrorist Financing and Financial Crimes.
    Brigadier General Gregory Touhill is Deputy Assistant 
Secretary for Cybersecurity Operations and Programs at the 
Department of Homeland Security. Previously he served in the 
United States Air Force as the Chief Information Officer and 
Director of Command Control Communications and Cybersystems at 
U.S. Transportation Command.
    And so without objection, the briefer's full prepared 
statement will be made part of the record here, members will 
have 5 calendar days to submit any statements to you or 
questions or put any extraneous material into the record.
    And, Ambassador Kim, if you would like to begin. And if you 
could summarize your remarks, and then we will go to questions.


    Ambassador Kim. Thank you very much, Mr. Chairman, Ranking 
Member Engel and members of the committee.
    Thank you very much for inviting me today along with my 
colleagues from Treasury and Homeland Security to testify about 
North Korea.
    As we respond to North Korea's destabilizing, provocative 
and repressive policies and actions, we appreciate the interest 
and attention you and the committee have given to this 
important issue.
    In recent weeks, Mr. Chairman, the American people and the 
international community have been deeply troubled by the 
destructive cyber attack on Sony Pictures Entertainment. An 
extensive FBI investigation has concluded that the attack was 
conducted by the Government of North Korea.
    The administration is totally committed to defending U.S. 
citizens, U.S. businesses, and our Nation's constitutionally-
protected right of free speech. That is why the President made 
clear that the United States would respond proportionally to 
the DPRK's attack in a time and a manner of our choosing.
    Our response to the attack on Sony is consistent with our 
policy on the DPRK across the board, one which seeks to work 
with our allies and partners to increase the cost to North 
Korea of its irresponsible behavior, to sharpen the regime's 
choices, and to persuade the DPRK peacefully to abandon its 
nuclear weapons program, respect the human rights of its 
people, and abide by international norms and obligations.
    Mr. Chairman, as you stated eloquently in a recent 
interview, we need to change the equilibrium in North Korea and 
move the regime away from hostility. Together with the 
international community, we are using the full range of tools 
at our disposal to make clear to the DPRK that abandoning its 
nuclear weapons, provocative actions and human rights abuses is 
the only way to end the political and economic isolation.
    In our messages to the DPRK and to our partners, we have 
made clear that we will respond to the DPRK's misbehavior. The 
Executive order signed by the President on January 2nd is an 
important new tool. It responds to the attack on Sony Pictures, 
but also provides a framework for addressing the full range of 
DPRK illicit behavior.
    In applying this pressure, just as in our efforts at 
engagement, our work with our allies is vital. The United 
States has very limited economic and other ties with the DPRK, 
so our financial sanctions are much more effective when 
supported by our partners.
    We also work with our allies to deter DPRK aggression. 
Having left Seoul as Ambassador just a few months ago, I can 
tell you that our alliance with South Korea is stronger than 
ever, and our growing trilateral security cooperation with 
South Korea and Japan also sends a powerful message of 
deterrence to Pyongyang.
    If I may Mr. Chairman, I would like to take this 
opportunity to thank you and the committee for the committee's 
strong support for our robust alliances with both Japan and 
South Korea.
    Mr. Chairman, as we apply unilateral and multilateral 
pressure and strengthen our deterrence, we will continue our 
principal diplomacy. We have made clear to the DPRK that the 
door is open to meaningful engagement. Close coordination with 
our partners in the Six-Party process is essential. Thanks to 
our continued robust engagement with South Korea, Japan, China 
and Russia, our unity has never been stronger. Wherever 
Pyongyang turns, it hears a strong, unwavering message from all 
five parties echoed by the wider international community that 
it will not be accepted as a nuclear power.
    Our alliances with Japan and the Republic of Korea are a 
bedrock of our Six-Party diplomacy. Both allies are resolute 
and their commitment in their goal of the denuclearization of 
the Korean peninsula and the end to North Korea's illicit 
behavior. Both governments have condemned the attack on Sony 
Pictures and express solidarity with the United States in our 
    To intensify our coordination, I will travel to Tokyo for 
trilateral talks with my Japanese and South Korean counterparts 
later this month. On that trip, I will also visit Beijing to 
strengthen our cooperation with China.
    China has done a great deal on North Korea. We believe it 
can do more. In the wake of the cyber attack against Sony 
Pictures, China did condemn malicious behavior in cyberspace.
    Although Russia has recently pursued investment in North 
Korea and invited Kim Jong Un to visit Moscow later this year, 
our alignment on the core goal of denuclearization remains 
strong as ever.
    We also work actively with partners in the broader 
international community, especially on human rights. Building 
on the important work of the U.N. Commission of Inquiry, this 
past year the U.N. Human Rights Commission and General Assembly 
adopted by overwhelming margins resolutions calling for 
accountability for North Korea's human rights abuses. Just last 
month, the U.N. Security Council took up the DPRK's grave human 
rights injustices on their standing agenda for the very first 
    Mr. Chairman, standing up to North Korea requires a 
sustained and concerted effort by all of the countries in the 
Six-Party process and indeed by the entire international 
community. Together, we will, to borrow your words again, 
``change the equilibrium in North Korea and persuade Pyongyang 
that North Korea will not achieve security or economic 
prosperity while pursuing nuclear weapons, trampling on 
international norms, and abusing its own people.''
    Thank you again for the opportunity to appear before this 
    Chairman Royce. Thank you, Ambassador Kim.
    [The prepared statement of Ambassador Kim follows:]

    Chairman Royce. Dan?


    Mr. Glaser. Thank you, Chairman Royce, Ranking Member 
Engel, and distinguished members of this committee.
    Thank you for inviting me to speak today about the U.S. 
Government's efforts to counter the threat posed by the 
malicious cyberattacks of the DPRK.
    The DPRK is a brazen and isolated regime that has 
repeatedly shown flagrant disregard for international 
standards. This is evident in the DPRK's development and 
proliferation of its illicit nuclear and ballistic missile 
programs, its repeated violations of U.N. Security Council 
resolutions, its repression of its people through serious human 
rights abuses, and most recently its cyber attack on a U.S. 
company in attempts to stifle freedom of expression in our 
    In response to the DPRK's cyber attack on Sony Pictures, 
the President signed an Executive order, Executive Order 13687, 
on January 6th, 2015, granting the Treasury Department the 
authority to impose sanctions against agencies, 
instrumentalities, officials and entities controlled by the 
Government of North Korea and the Worker's Party of Korea.
    Executive Order 13687 represented a significant broadening 
of Treasury's authority to increase financial pressure on the 
DPRK and to further isolate it from the international financial 
system. For the first time, Treasury has the authority to 
designate individuals and entities based solely on their status 
as officials, agencies, or controlled entities of the 
Government of the DPRK. Treasury also now has the authority to 
designate those providing material support to the Government of 
the DPRK.
    Simultaneous to the issue of this Executive order, Treasury 
designated three entities and ten individuals, whom Secretary 
Jack Lew described as ``critical North Korean operatives.'' 
These include the Reconnaissance General Bureau, known as RGB, 
which is the DPRK's primary intelligence organization, which is 
responsible for many of its cyber operations; the Korean Mining 
Development Trading Corporation, also known as KOMID, which is 
the DPRK's primary arms dealer; and ten officials of the DPRK 
Government, including eight KOMID officials based throughout 
the world.
    Secretary Lew also made clear that we will continue to use 
this broad and powerful tool to expose the activities of North 
Korean Government officials and entities. Treasury has also 
used existing tools to raise the cost to the DPRK of its 
provocative actions.
    Since 2005, Treasury has designated over 60 North Korean-
related entities and individuals under Executive Order 13382, 
which targets WMD proliferation-related activities, and 
Executive Order 13551, which targets North Korean arms sales, 
the procurement of luxury goods, and illicit economic activity. 
Under these authorities, Treasury has exposed and cut off 
access to the U.S. financial system to entities and 
individuals, such as the Foreign Trade Bank and Daedong Credit 
Bank, which are two of North Korea's most important banks, and 
have provided crucial financial support for a number of DPRK 
illicit activities.
    We have also designated General Kim Yong Chol, the head of 
the RGB, whom Director James Clapper recently named as the 
official who likely ordered the cyber attack on Sony.
    Today the DPRK is financially isolated, thanks in no small 
part to the actions I have described. Over the years, Treasury 
has ensured that the DPRK has limited access to the U.S. 
financial system and worked with our allies to restrict 
Pyongyang's access to the international financial system.
    As a result of sanctions and other measures targeting the 
DPRK's illicit conduct, financial institutions around the world 
began severing their ties with the DPRK in order to avoid 
entanglement with North Korea's illicit activities. These 
actions contributed to the DPRK's economic isolation and spurs 
positive change in the behavior of banks across the globe.
    While this increased isolation has made targeting the DPRK 
more complex, Treasury continues to deploy the tools at its 
disposal to raise the cost of the DPRK's defiant behavior and 
induce the government to abide by its international 
    The U.S. Government's response to the malicious Sony cyber 
attack is a demonstration of our determination to hold the DPRK 
responsible for its actions. But protecting the U.S. from 
cyberattacks isn't just about implementing sanctions, it is 
also about working with the private sector to safeguard our 
economy and the infrastructure more broadly. Beyond our 
response to the Sony cyber attack, safeguarding the U.S. 
financial system and its critical infrastructure from the 
threat posed by state-sponsored malicious cyber activity is 
also part of Treasury's mission.
    Treasury partners with the financial sector to share 
specific threat information, improve baseline security, and 
enhance industry response and recovery. I go into much of this 
in my written testimony in greater detail.
    As the United States confronts the destabilizing and 
destructive actions of the DPRK, Treasury is employing its 
authorities to isolate North Korea from the international 
financial system. Treasury will continue to use its arsenal of 
financial measures to combat the cyber threat by the DPRK.
    Thank you, Mr. Chairman, for your invitation to testify 
before the committee today, and I look forward to answering any 
    Chairman Royce. Thank you, Secretary Glaser.
    [The prepared statement of Mr. Glaser follows:]

    Chairman Royce. General?


    General Touhill. Thank you very much, Mr. Chairman.
    And Ranking Member Engel and distinguished members of the 
committee, thank you very much for having me today.
    I appreciate the opportunity to appear before you today 
alongside my colleagues from the Departments of State and 
    The Department of Homeland Security leads the national 
effort to secure Federal civilian networks, and coordinates the 
overall national effort to protect critical infrastructure and 
enhance cybersecurity. The DHS cybersecurity mission includes 
analysis, warning, information sharing, vulnerability 
reduction, mitigation, and aid to national recovery efforts for 
critical infrastructure information systems. DHS ensures 
maximum coordination and partnership with Federal and private 
sector stakeholders while working to safeguard the public's 
privacy, confidentiality, civil rights and civil liberties.
    Within DHS, the office of Cybersecurity and Communications 
focuses on managing risk to the communications and information 
technology infrastructures and the sectors that depend upon 
them, as well as enabling timely response and recovery to 
incidents affecting critical infrastructure and government 
    Our office executes its mission by supporting 24x7 
information sharing, analysis and incident response for private 
and public sector partners. We provide tools and capabilities 
to strengthen the security of Federal civilian executive branch 
networks, and engage in strategic level coordination with 
private sector organizations on cybersecurity and 
communications issues.
    DHS offers capabilities and services to assist Federal 
agencies and stakeholders based upon their cybersecurity status 
and requirements. The department engages its stakeholders 
through a variety of mechanisms, including information-sharing 
forums as well as through the National Cybersecurity and 
Communications Integration Center, which we call the NCCIC. The 
NCCIC, a 24x7 cyber situational awareness, incident response 
and management center, is a national nexus of cyber and 
communications integration for the Federal Government, the 
intelligence community, and law enforcement.
    Our activities include, first, incident response. And 
during--or following a cybersecurity incident, DHS may provide 
response capabilities that can aid in mitigation and recovery. 
Through our integration center, DHS further disseminates 
information on potential or active cybersecurity threats to 
public and private sector partners. And when requested by an 
affected stakeholder, DHS provides incident response through 
the United States Computer Emergency Readiness Team, commonly 
referred to as the US-CERT, or the Industrial Control Systems-
Cyber Emergency Response Team, commonly referred to as the ICS-
    Our second activity is assessing security posture and 
recommending improvements. And upon request, DHS conducts risk 
and vulnerability assessments to identify potential risks to 
specific operational networks, systems and applications, and 
then we provide recommendations for mitigation.
    Our third activity is providing technical assistance. DHS 
may provide direct technical assistance upon request. For 
instance, following attacks on the financial services sector in 
2013 and 2014, our United States Computer Emergency Readiness 
Team went onsite with major financial institutions and other 
critical infrastructures to provide direct technical 
    US-CERT's technical assistance and technical data include 
identifying 600,000 distributed denial-of-service-related IP 
addresses, and contextual information about the source of the 
attacks, the identity of the attacker, and associated details 
behind the attack. We have had a long-term, consistent threat 
engagement discussion with the Department of the Treasury, the 
FBI and private sector partners in the financial services 
    Regarding the Sony Pictures Entertainment incident, in 
November 2014, the NCCIC was made aware of a specific 
significant breach in the private sector, impacting Sony 
Pictures Entertainment. Cyber threat actors targeting Sony used 
a sophisticated worm to conduct cyber exploitation activities.
    Since that time, DHS has initiated a series of proactive 
steps designed to protect not only the dot gov space from any 
potential spillover, but to share information with our private 
sector partners. We have worked extensively with our partners, 
including the FBI and other agencies, and international 
partners to share information and collaborate on incident 
analysis. DHS has published multiple products related to this 
incident, has shared with other Federal agencies, our 
international partners, the private sector and the general 
    As a trusted information-sharing partner to the private 
sector, the NCCIC does not have a regulatory role. Our mission 
includes securing critical infrastructure and protecting the 
Federal dot gov space.
    As we conclude, evolving and sophisticated cyber threats 
present a challenge to the cybersecurity of the Nation's 
critical infrastructure and its civilian government systems. 
DHS remains committed to reducing risks of Federal agencies and 
critical infrastructure. We will continue to leverage our 
partnerships inside and outside of government to enhance the 
security and resilience of our networks, while incorporating 
privacy and civil liberties safeguards into all aspects of our 
    Thank you again for the opportunity to provide this 
information, and I look forward to your questions.
    Chairman Royce. Thank you very much, General.
    [The prepared statement of General Touhill follows:]

    Chairman Royce. I was going to start with a question of 
Assistant Secretary Glaser. And Ambassador Kim made the point 
that increasingly Russia has stepped in where China has 
curtailed with respect to support for North Korea. He is 
speaking about the issue of forgiving debt and certainly the 
investments from Russia into the rail network. I have traveled 
in North Korea, and the functioning rail network just ends at 
the border, and once you are in North Korea, it is not 
operational, so--or at least none that I could see. And so the 
investment would seem to be critical coming from Russia.
    The question I have is, is that investment that--would then 
be sanctionable, right? Under the interpretation that I just 
    And on top of that, if we look at the Section 311 
sanctions, which you were at the center of in 2005, I remember 
working with you on that at the time with respect to Banco 
Delta Asia, there is a lot more that we could be doing here if 
we were to label North Korea a primary money laundering 
concern, as we have done with Iran. That would be possible. 
After all, we caught them, you know, with 100 dollar U.S. 
currency. We saw that in Macau, we had $100 bills there that 
were counterfeited out of North Korea.
    So the question I have, then, is let's go to that issue of 
financial sanctions on North Korea. As Kurt Campbell, former 
top State Department official for Asia noted recently, we could 
really move effectively with that and make life much more 
difficult for those who are making life difficult in South 
Korea and here.
    Mr. Glaser. Thank you for the question, Chairman Royce.
    I certainly agree with you. It is our goal and it has been 
our strategy, it has been our strategy at the Treasury 
Department for many years now to implement sanctions and other 
financial measures in a way that isolates North Korea from the 
international financial system, and that would be from the 
international financial system everywhere, whether it is China 
or Russia or the United States or Europe or other places in 
Asia. The goal is to squeeze them financially as much as 
    With respect to the new Executive order that you make 
reference to and that I discussed in my testimony, that is an 
important new tool that we have at our disposal precisely 
because it gives us a tremendous amount of flexibility in how 
we approach targeting.
    So we could go--we could target any North Korean Government 
agency, we could target any North Korean Government official, 
and then once they are targeted, we could apply sanctions with 
respect to any individual or entity who is providing them in 
turn material support or any individual entity that they in 
turn control. So that gives us--that gives us a large----
    Chairman Royce. And I think that is where we need to have 
the focus, because the Foreign Trade Bank, that was a 
designation a long time coming, but just designating North 
Korean institutions is not going to curtail the kind of hard 
currency that the regime uses in order to continue to expand 
their ICBM program, for example.
    Mr. Glaser. Right. And that is why what we are trying to do 
is identity what their notes are into the international 
financial system. You mentioned Banco Delta Asia, a designation 
under 311 that we did 10 years ago. Why that was so successful 
was not with respect to the specific action on Banco Delta 
Asia, but that tied up about $25 million of North--money that 
North Korea said was North Korean money.
    But the real impact of Banco Delta Asia and that 
designation and that action was it that it created a chilling 
effect throughout the financial system. Banks around the world 
stopped doing business with North Korea. We still live in that 
world today. That action and a lot of other actions we have 
taken have made it a lot harder.
    Chairman Royce. And that is why Mr. Engel and I have our 
legislation that we have over in the Senate, because my 
observation at the time was that, as you said, it wasn't just 
Banco Delta Asia, it was a dozen banks all that were willingly 
doing business in laundering, basically, or doing business with 
North Korea, and once those accounts were frozen, not only 
could he not pay his generals, but I later talked to defectors 
who had worked--one had worked on the mission program. He said, 
that program came to a halt because we did not have the hard 
currency. We couldn't even buy the clandestine gyroscopes that 
we would buy on the black market for those missiles. We 
couldn't pay for anything.
    And that is the kind of pressure, I think, could cause a 
regime to recalibrate its thinking. There has to be 
consequences directly and it has to impact, you know, the 
family itself that run that country. And the best way I can 
think of doing that is to not give them the hard currency, so 
that those generals are not paid, the army is not paid. And at 
some point people turn and say there has to be a better way 
forward than the kind of repression that is going on.
    And that is why we are trying to jump-start this beyond 
just sanctions within North Korea, to the financial sanctions 
that would truly, truly create additional pressure.
    Do you think our legislation, which we had passed into the 
Senate last year, if we get that out of the Senate this year, 
do you think that would be a useful tool?
    Mr. Glaser. Well, we, you know, you say, Chairman, that it 
was dozens of banks. It was more than dozens of banks; it was 
hundreds of banks making the decision at the time to not do 
business with North Korea. So we have that impact, and that is 
an impact that we are still--that we are--that is a world that 
we are still living in.
    So, again, you say the goal is to identify financial 
institutions outside of North Korea that provide these points 
of access, and that is exactly what we are trying to do. You 
mentioned, Chairman, Foreign Trade Bank. I thought that was an 
extremely significant action. That was North Korea's primary 
source of access to the international financial system, and 
    Chairman Royce. True enough, but I would just point out, 
there are a number of small banks that we have been following 
that are doing business with North Korea that, frankly, if we 
really wanted to squeeze, we could cut that off. And if we do 
cut that off, it becomes very problematic for them to get the 
resources even to send these hackers, you know, to Moscow, or 
in the past they sent them to Beijing to get the kind of 
training. I mean, if you cut off the hard currency, these 
regimes like North Korea cannot carry out the kinds of 
offensive attacks that they are given to.
    Mr. Glaser. Right. And that is exactly what we are trying 
to do. Foreign Trade Bank, Daedong Credit Bank, Daesong Bank, 
Bank of Eastland, these are banks that we have targeted with 
    We used Section 311 on Banco Delta Asia. You know, the 
actions that we have taken have caused a chilling effect even 
within the Chinese financial system, even banks, major 
commercial banks within China have cut off their relationships 
with entities such as Foreign Trade Bank.
    So I think, Chairman, that that is exactly the right 
approach that we should be taking.
    Chairman Royce. We are on the right road, we just want to 
accelerate it. Dan, thanks for being here to testify today.
    Mr. Glaser. Thank you.
    Chairman Royce. We go now to Mr. Engel.
    Mr. Engel. Thank you, Mr. Chairman.
    The chairman mentioned, and I agree, that the bottom line 
is that there needs to be an impact on the family that runs the 
county, the Kim family, obviously, and all of their 
    When we went to Pyongyang, now granted--I was there twice, 
and granted, you are limited to what you can see, we were told 
that we could only be in the capital, that we couldn't go 
outside of the capital, and then we got up early and we 
observed people going to work in the morning, everything seemed 
really normal. People looked to me like they were fed properly, 
people were wearing dress clothes for work, it seemed like 
almost any other major city, but we are told that Pyongyang is 
essentially where the elites live. And so the elites are 
treated relatively well, while the rest of the country is 
starving, and that is really the problem.
    So what can be done to bolster the enforcement of existing 
sanctions in a way that would impose meaningful costs for the 
North Korean elites? What do we--what other levers would we 
have to influence them to make sure that it is not a situation 
of where you have elites in the capital doing relatively well, 
and then we impose sanctions, the sanctions hurt all the people 
that are starving all around the country, but the elites 
basically are untouched? What might we do to make sure that 
they are caught up in this, that they suffer the penalties for 
their actions?
    Mr. Glaser. Thank you for the question, Congressman. I 
don't think that the misery that has been inflicted on the 
North Korean people can be attributed to sanctions. I think the 
North Korean Government bears sole responsibility for the 
misery of the North Korean people.
    But I do take your point that the goal is to try to put 
pressure on the elites, and I think that it is precisely 
through access to the international financial system that we 
can do that, because that is who benefits, that is how the 
elites acquire the hard currency that the chairman talked 
about, the luxury goods, the other things that make their 
life--that make their life pleasant and that make, you know, 
the system run as far as the system actually runs. So that is 
what we are trying to do.
    We are trying to identify their sources of currency. One of 
the important sources, for example, is conventional arms sales. 
That is why we targeted eight KOMID officials in our recent 
round of sanctions a couple of weeks ago. These are individuals 
who operate in places like Africa, who are raising hard 
currency for the regime, and we are trying to cut that off as a 
    And as the chairman said, we try to identify their points 
of access so that they can't repatriate the funds or they can't 
use the funds that they do have. We have identified a number of 
banks, but this is an ongoing effort. This is an effort that 
has been ongoing for 10 years. It is a hard target, because 
their needs are relatively small. They only need a handful of 
points of access. It makes it very effective when we do find a 
node. When we can put our finger on a node, we could have a big 
    But they try to gain access through deceptive financial 
measures, they try to gain access through countries in which we 
have less influence, and so it is an ongoing effort and we are 
continuing to work on that. And I think that the recent 
Executive order gives us the flexibility to really step that 
    Mr. Engel. Thank you.
    I am wondering if any of you can talk about the--obviously 
North Korea is gaining additional conventional and nuclear 
capabilities, and obviously it seems to us that this emboldens 
themselves with respect to belligerent activity in other 
domains, such as cyberspace.
    Can anybody talk about that? I would be interested in 
hearing your perspective on that.
    Ambassador Kim. Thank you, Ranking Member Engel.
    We are obviously deeply concerned about North Korea's 
efforts to improve their dangerous capabilities in the nuclear 
front, missiles, as well as now cyberspace. They pose a great 
threat, not just to the region, but to the United States 
    I think what we need to do is continue to strengthen our 
efforts on sanctions, pressure, but also continue to work on 
strengthening our deterrent capability on all fronts, and this 
requires a continuing effort with our partners, not just in the 
Six-Party process, but more broadly in the international 
    I can assure you that despite North Korea's continued 
efforts to improve their capabilities, we are fully capable of 
defending against any threat posed by the North Koreans.
    And I point to one upcoming example, which is our military 
exercise with the South Korean's that is going to be coming up 
shortly. This is a very important exercise, defense oriented, 
but very effective exercise in making sure that we maintain the 
strongest possible combined deterrent capability on the 
peninsula so that we are prepared to deal with any threat posed 
by North Korea.
    Mr. Engel. And don't the North Korean's usually react 
hostilely to joint maneuvers between South Korea and the United 
States? I mean, we are saying that this drill, the joint drill 
that we are doing together, is routine and it is not related to 
a report that North Korea is trying to increase its submarine 
    Whether it is or isn't, aren't we likely to see some acting 
out by North Korea as a result of these joint maneuvers?
    Ambassador Kim. Sir, I mean, I don't want to speculate on 
what the North Korean's may be planning to do. You are quite 
correct that they don't like our exercises, because I think 
they understand that our exercises strengthen our combined 
deterrent capability. But these are routine, non-provocative 
defense oriented exercises that we have carried out for 40 
years. We have been quite open about it. So the North Koreans 
really have no right to complain about these exercises.
    Mr. Engel. Now, you mentioned, Ambassador, the Six-Party 
Talks. When we were there, and it was several years ago, so 
things may have changed, the North Koreans seemed to be more 
interested in having Two-Party Talks with the United States 
rather than the Six-Party Talks. Is that still what we--what we 
find coming from them?
    Ambassador Kim. Unfortunately at the moment, the North 
Koreans don't seem to be interested in any constructive 
dialogue with anybody, including the United States, as well as 
the Six-Party Talks. I mean, we believe that the Six-Party 
Talks framework still provides a viable forum for discussing 
this issue.
    One of the main reasons is that the north--it is in the 
Six-Party process that the North Koreans made the most clear 
commitment to denuclearization. It is their own commitment, and 
I think we need to hold them to it. And the Six-Party process 
also includes all of the key countries in the region that have 
a stake in this issue. This is not an issue just for the United 
States. This is an issue for the whole region.
    And we have the Chinese, who actually chair the process, 
the Japanese, South Koreans and the Russians in the process. 
And I think we need to try to work within the process to make 
some lasting progress in denuclearization.
    Mr. Engel. Thank you.
    My last question, Mr. Glaser, I want to just follow up on 
the elites discussion that we had before. We find that the 
elites in North Korea find creative ways around the existing 
sanctions, obviously. They work through Chinese banks, and 
those banks are not exposed or integrated into the 
international market.
    So what are we doing to go after these types of 
    Mr. Glaser. Well, the Chinese financial system is 
integrated into the international financial system. I think one 
good example of our ability to impact behavior even within 
China was, as I had the exchange with Chairman Royce, our 
designation of Foreign Trade Bank, which is North Korea's main 
commercial bank, it is the bank through which they do most of 
their commercial conduct.
    Upon our designation, the main--the major commercial banks 
in China, the big commercial banks acted as you would expect 
any international commercial bank to act, and they announced 
that they were cutting Foreign Trade Bank off from their banks. 
So we can have an impact on commercial banks in China.
    That said, I think that you are exactly right. China does 
provide North Korea the lion's share of its access to the 
international financial system. It is an issue. It is a subject 
that I have had discussions with the Chinese many times on, and 
it is something that we need to continue to talk to the Chinese 
about to try to get Chinese assistance in making sure that 
their financial system does not provide North Korea the 
opportunity to engage in proliferation or any other illicit 
economic activity.
    Sung and I were talking about this just before this 
hearing, and I know that Sung plans on having this conversation 
with the Chinese as well. So it is a significant issue, and it 
is one we are focused on and will continue to be focused on.
    Chairman Royce. And we will be in Beijing in March, all 
right, so we will continue that dialogue.
    We are going to Mr. Steve Chabot of Ohio.
    Mr. Chabot. Thank you, Mr. Chairman, and thank you for 
convening this briefing to examine the North Korean threat.
    This committee has long recognized the dangers of 
Pyongyang's growing capabilities. In fact, last year as the 
former chairman of the Asia-Pacific Subcommittee, I held two 
hearings specifically on North Korea because not only is it the 
greatest security threat to the peace and stability of Asia, 
but it is one of the United States' most vexing security 
challenges and, I would argue, greatest policy failures in many 
ways. So just a couple of questions.
    Ambassador Kim, in June of last year, the Asia-Pacific 
Subcommittee heard testimony from your predecessor, Ambassador 
Glyn Davies, and in his testimony, he stated that China is 
North Korea's ``last remaining patron''; however, as Chairman 
Royce already mentioned, Pyongyang has a growing relationship 
with Russia and illicit networks with countries in the Middle 
East, especially Iran.
    We know that North Korea maintains a fairly robust illicit 
trading network with these various Nation states and terrorist 
organizations, and last year signed an economic trade deal with 
Russia. This will provide Pyongyang with an economic boost to 
counter sanctions and counterbalance the Chinese, who have been 
putting some pressure on them.
    In light of North Korea's recent cyber attack on Sony, 
there is a growing speculation about how big North Korea's 
cyber army really is and where it has received the training to 
orchestrate such an attack.
    Ambassador Kim and General Touhill, could you, either of 
you, discuss first, who are North Korea's primary patrons at 
this time, and second, could you discuss where North Korea's 
gaining its cyber capabilities and expertise, and finally, do 
you have a more accurate sense as to how big North Korea's 
cyber army really is? And I will let either one of you go 
    Ambassador Kim. Thank you very much, Representative Chabot. 
I will defer to General Touhill on the cyberspace issue.
    With regard to North Korea's patrons, frankly, I think 
North Koreans are running out of friends. I think they are 
becoming increasingly isolated because of their misbehavior on 
the nuclear front, on missiles, human rights abuses.
    Of course, China has a special relationship with North 
Korea. They have considerable leverage over North Korea. I 
think what we have seen in our cooperation with China is that 
China is working with us more effectively in trying to stifle 
North Korea's dangerous activities. And it is an ongoing 
effort. I think all of us need to do more, including China.
    Russia, as you mentioned, sir, there has been some contact, 
there has been some senior level discussion, some investment 
flows, but I believe the bottom line is that the Russians 
remain committed to the shared goal of denuclearization and 
they do want to work with us to make sure that the North 
Koreans move in that direction, despite some of the contact 
that we have seen recently.
    Mr. Chabot. General Touhill.
    General Touhill. Thank you very much for the question, sir.
    You know, regarding the acquisition of tools and 
capabilities in cyberspace and being able to employ them, many 
of these tools, as a matter of fact, most of these tools are 
readily available to anybody around the world through open 
source acquisition. Many of the tactics, techniques and 
procedures used by attackers in cyberspace, and predominantly 
criminals, are openly available through the marketplace and 
frequently posted online. So the acquisition of capabilities is 
readily available to anybody, including the North Koreans, 
through open source activities.
    Mr. Chabot. Thank you.
    I think I have time for one more question.
    I will direct this to you as well, General.
    North Korea's cyber capabilities were first revealed back 
in March 2013 as South Korean financial services and media 
firms were attacked. At that time, it was it latest attack to 
emerge from a malware development project called Operation 
Troy, which revealed Pyongyang was attempting to spy on and 
disrupt South Korea's military and government activities.
    Could you say whether North Korea's focus on using the 
master boot record wipe functionality, if you are familiar with 
that, for its attack on South Korea is similar to the attack 
launched on Sony, and what possible responses or protections do 
we have against this type of cyber attack?
    General Touhill. Well, thank you very much for that 
    The attack using a wiper virus or capability to attack the 
master boot record in essence means that every computer has an 
instruction set that is contained in part of the disk called 
the master boot record, and it tells the computer what to do 
when it is turned on and it tells where the information is 
stored and the like.
    Using an attack against that master boot record basically 
wipes out the record, and the computer no longer knows how to 
turn itself on and look for the information, so it is a very 
devastating attack to the computer.
    As we take a look at the code, and we have done some 
malware forensics with the malicious code that was discovered 
as a result of this attack, it was a very sophisticated, well 
organized piece of code that was specifically engineered to 
attack that master boot record.
    When it comes to detecting that type of malicious code, it 
is very difficult to do that for each and every piece of code. 
Our current database of malicious software numbers over 100 
million different sample sizes.
    That said, we have taken the information we have done from 
our malware forensics and we have loaded those indicators not 
only into the Einstein system to help protect our Federal 
systems, but we have also shared that with our international 
partners, with the private sector and the like.
    So the indicators that we have derived from our analysis, 
we have shared, but this is very, very well crafted code, sir.
    Mr. Chabot. Thank you very much.
    Yield back.
    Chairman Royce. We go now to Mr. Brad Sherman of 
    Mr. Sherman. The witnesses should relax for a few minutes, 
as I have kind of an opening statement that I will use some of 
my time with, but don't relax too long. I will have a question 
for you, General, in a few minutes.
    Obviously North Korea is worthy of sanctions, but how do 
you have trade sanctions against a nation where we have no 
trade, deny visitor visas to a country that sends us no 
visitors, name and shame a country that is shameless?
    The ranking member and the chairman have pointed out that 
we could have secondary sanctions. Their bill does just that. 
And secondary sanctions are where we threaten another country 
or a bank or other company in another country with sanctions if 
they do business with North Korea, but if we are going to 
designate those who provide material support to the DPRK, we 
would start with the Government of China, which doesn't just do 
business with North Korea, but gives them free money, free oil, 
    And I know the Ambassador points out that the Chinese have 
perhaps on occasion stifled North Korean behavior by pushing 
them to be a little bit less aggressive, but the fact is that 
just last month they threatened to blow up multiplexes in the 
districts of every member up here, so I am not sure that they 
have been all that stifled.
    I don't think China--China has made a strategic decision: 
For now, regardless of the annoyances, they are backing North 
Korea. Every day they are giving them free oil, every day they 
are supporting them militarily and diplomatically.
    And so we would have to do things that China disagrees 
with, do things to Chinese companies, do things to China's own 
trade relationship. One thing we could do is designate them a 
currency manipulator if they don't radically change their 
behavior toward the Korean Peninsula. This has the additional 
advantage of being true. They are a currency manipulator.
    Since we are probably unwilling to do that, we will target 
this or that Chinese company or bank, I think with some 
success, to at least suppress and annoy North Korea, but China 
seems to have made a strategic decision that North Korea's 
success is so important, that they will give them free money, 
so I can't imagine that they will allow us to completely shut 
off their banking relationships.
    So I support all the efforts of the gentlemen here and of 
the ranking member and the chairman to try to turn the spigot 
down a little bit, but I don't think we can turn it off.
    There is one other thing we can do. First, we ought to 
reflect that this was a unique attack. It wasn't just an attack 
on a company, it was an attack against freedom of speech in the 
United States, and so I would like to give North Korea a double 
dose of free speech. We spend $8 million broadcasting into 
North Korea. We could increase that to 16. That is an 
additional cost of $8 million, or roughly one-thousandth of 1 
percent of what we spent on the naval, air and land forces that 
confront North Korea.
    Right now we are broadcasting into North Korea only 11 
hours a day. The target is 12 hours a day. It ought to be 24 
hours a day. And I believe that those broadcasts will undermine 
the regime, both with the people and the elite. I can't think 
of anything we can do for $8 million that would better express 
our dedication to the First Amendment and to posing 
difficulties for the North Korean regime.
    I would like to explore satellite television broadcasting 
into North Korea, another broad television broadcasting, 
because I particularly want to broadcast a particular movie, 
and I hope that we do the director's cut before they toned down 
the climactic scene.
    I commend to all of those on the committee the December 8th 
report, just a month old, issued by the Broadcasting Board of 
Governors, which of course oversees Voice of America and Radio 
Free Asia. This report was issued pursuant to the North Korean 
Human Rights Reauthorization Act that went through this 
    General Touhill. Yes, sir.
    Mr. Sherman. How certain are you, and I realize now you are 
out of government so you may not have seen all the information, 
that North Korea is the entity that both hacked Sony and 
threatened terrorist action on our--against our movie theaters?
    General Touhill. Well, thank you very much for the 
question, sir. Just for clarification. I just changed uniforms. 
I am still part of the government.
    Mr. Sherman. Oh.
    General Touhill. I retired from active duty and was 
recruited to come on board with DHS as the deputy assistant 
secretary for cybersecurity.
    Mr. Sherman. Thank you for that clarification.
    General Touhill. Thank you. Attribution of these type of 
events is not a function of my organization. It is a function 
of the intelligence and law enforcement communities. That said, 
I am very well familiar with the attribution methodology, the 
preservation of evidence, and the things that are done by the 
intelligence and the law enforcement communities, and based 
upon what I have seen and in consultation with my partners from 
both the intelligence communities and law enforcement 
communities, in this particular instance, I have--I have trust 
and confidence in their conclusions.
    Mr. Sherman. And you have seen more than some of these 
outside experts on 24-hour news channels that think they can 
second guess the FBI?
    General Touhill. Yes, sir. I have seen more than some of my 
colleagues in the private sector.
    Mr. Sherman. Thank you. I yield back.
    Chairman Royce. Thank you. We go to Mr. Mike McCaul.
    Mr. McCaul. I thank the chairman.
    Chairman Royce. By the way, our chairman of the Homeland 
    Mr. McCaul. I appreciate you mentioning me here. Thank you. 
We just passed a bill the last day of the last Congress, 5 
cyber security bills, one codifying, General, as you know, the 
NCIC, which is like the cyber command within DHS, giving you 
the congressional seal of approval. I see it as really the 
civilian portal to the private sector.
    When Sony happened, I had asked the question, well, which 
of the 16 critical infrastructures does this fall under, and it 
is a bit--it is not clear. I know the President is announcing a 
cyber plan this afternoon. I just got off the phone with the 
Secretary. I think the vision is to make the Department of 
Homeland Security the portal civilian interface to the private 
sector between the Federal Government and the private sector, 
sharing information from various data points, whether it be 
NSA, FBI through the NCIC to the private sector with liability 
protections to incentivize participation in this civilian 
interface safe harbor, if you will, within the Department.
    I just wanted to--and after this I want to talk about the 
foreign affairs aspect of cyber and the cyber jihad threat to 
CENTCOM that we just recently saw, but how do you view the role 
of NCIC of DHS broadening with respect to an event that 
happened with Sony?
    General Touhill. Well, thank you very much, sir, for the 
question, and thank you very much for your leadership in 
helping us with the legislation that just passed and your 
continued support of the Department. Thank you very much.
    As we take a look at the NCIC, integration is part of our 
name with the National Cybersecurity and Communications 
Integration Center, and as you mentioned, sir, you know, the 
law enforcement partners, the intelligence community, the other 
departments and agencies, and our private sector partners are 
all coming together as part of the NCIC team.
    On the floor of the NCIC, which I had the honor to direct 
on an acting basis from August through last month, the NCIC has 
the ability where we are bringing in folks from all aspects of 
our critical infrastructure, law enforcement, and the 
intelligence community, as well as representatives from the 
Department of Defense so that we are sharing information. We 
are very transparent with each other.
    The information ranges from top secret, sensitive 
compartmented information, down to unclassified information. 
And we are finding that these partnerships and having everybody 
co-located and working together is helping strengthen not only 
our situational awareness, but in getting solutions to issues 
as they come in.
    We are working together to secure and make our 
infrastructure more resilient by leveraging the activities of 
the NCIC. We have come a long way in the last couple of years, 
and as we look to the future, the legislation that is proposed 
and the activities that have already occurred are making us 
better able and capable.
    Mr. McCaul. Well, the vision I would like to see is it 
expands not just to the 16 critical infrastructures but really 
to the private sector so the Sonys of the world could 
participate in this as well, and I think that is the vision. 
And I--personally, I like the idea of the privacy groups came 
out so strongly in support of not only my legislation, but also 
your efforts, sir, at DHS because there is a robust privacy 
office at the Department of Homeland Security.
    I want to just close with, you know, we had the Sony attack 
and then we had yesterday an attack by cyber jihadists 
purporting to be on behalf of ISIS at CENTCOM saying, 
``American soldiers, we are coming. Watch your back. ISIS.'' 
This is disturbing because, as a threat, vectors develop, as we 
look at China, Russia, the normal ones, but Iran, becoming more 
sophisticated, and now with these jihadist groups that we have 
seen attempting to get this type of technology and this type of 
malware, now actually be successful at hacking into our 
CENTCOM, into our military, ISIS, this is severely disturbing 
to me.
    We don't know how to respond to these things. We don't--
proportional response, what does that mean? Act of warfare, 
what does that mean?
    And Mr. Chairman, I would like to work with you on a cyber 
agenda on this committee because it is outside the lanes of my 
committee in terms of what we do with other countries. Do we 
have a NATO alliance with cyber, one of the countries hit the 
other? What is the appropriate response when a nation state 
hits our infrastructures, and in this case, when a terrorist 
organization hits our military? General.
    General Touhill. Well, thank you very much, sir. To address 
the points. The first one about the attack and the attribution 
that it got into the CENTCOM networks. First of all, this was a 
commercial space, a Twitter account. It didn't--there was no 
compromise and there is no evidence of any penetration into 
government and specifically the military computer systems. 
Rather, it was a commercially-facing bulletin board, as it 
were, through the Twitter account, and certainly anytime there 
is a compromise of any account, it is serious business. And in 
talking with my partners in the Department of Defense and the 
FBI last night, they are investigating it with all due vigor, 
and I will be getting an update from them later today.
    Mr. McCaul. Just let me close with that, I think, Mr. 
Chairman, we have an opportunity to work in this committee on 
legislation that could deal with defining what is proportionate 
response, how other countries should respond with us, what is 
going to be the response of the United States of America when 
our companies are attacked and when our departments are 
attacked and when our military is under fire? And with that, I 
yield back.
    Chairman Royce. Thank you. By the way, Mr. McCaul, I would 
be happy to work with you. I was working with Mike Rogers on a 
piece of legislation, and maybe we can work together on 
cybersecurity, and I appreciate you bringing it up and look 
forward to working with Mr. Engel as well on those concepts, 
    We now go to Gerry Connolly from Virginia.
    Mr. Connolly. Thank you, Mr. Chairman. And Mr. McCaul, if 
you are looking for a Democrat, I will be glad to work with you 
on that as well.
    Chairman Royce. Balance in all things.
    Mr. Connolly. Cybersecurity is a really big issue in my 
district. We do a lot of work on it, so I would be delighted to 
help in any way, and I thank the chairman and ranking member 
for holding this hearing, and welcome to our panel.
    Your last comment, General, I think underscores something, 
though. I mean, the distinction between the private sector and 
the public sector when it comes to cybersecurity really isn't a 
helpful distinction. Eighty-five percent of the critical 
infrastructure in this country, for example, is controlled by 
the private sector. That doesn't mean we don't have a public 
sector interest in it, and the interface between social media 
and other things we may be doing in the public sector is often 
almost seamless and--because they are so connected.
    So that is why, it seems to me, we have got to be concerned 
even with the kind of attack that occurred the other day on 
social media and the Pentagon and better understand where the 
boundaries are, or even if we want to recognize there are 
boundaries. And I think Mr. McCaul was pointing out, too, we 
really need to be rethinking the codification of cybersecurity 
attacks and the severity and what it means from our point of 
view, not only U.S. law but, frankly, what it should mean in 
international law.
    When--you know, if you have a cyber Pearl Harbor, is that 
an act of war? I mean, at what point does the intensity and 
severity and magnitude constitute an aggressive act that has to 
be addressed?
    General Touhill. Thank you, sir, for that question, and the 
magnitude and severity of the rubric of crossing that line, 
when does it become an act of war, is one that has been hotly 
and actively debated for many years.
    Currently, the administration is working to put together a 
codified construct for the priorities and the prioritization 
and taking a look at it from a risk management and consequence 
management standpoint. That is still a work in progress, but 
ultimately, through our congressional processes and our 
constitutional processes, rather, you know, we will be making 
those determinations.
    Mr. Connolly. Right. I fully appreciate that is going to be 
a work in progress, but I think one of the tasks our Government 
faces and the international community faces is looking afresh 
at the legal codification of this subject because we are really 
at a very early stage, and I think that is--we want to make the 
international law serve as a tool and an ally in protecting.
    I am going to try to do this real quickly. Mr. Ambassador, 
does my memory serve me well that a few years ago probably the 
North Koreans helped shut down much of the banking system in 
South Korea for a day or two?
    Ambassador Kim. Instead there was a cyber attack on South 
Korean financial system.
    Mr. Connolly. And do we believe that was generated by the 
    Ambassador Kim. We believe so. More importantly, the South 
Korean authorities have indicated----
    Mr. Connolly. Yes.
    Ambassador Kim [continuing]. That it was.
    Mr. Connolly. And that was--I mean, think about it, 
virtually the entire banking system went down.
    Ambassador Kim. I don't recall the exact extent, but it was 
a serious attack on the----
    Mr. Connolly. And the South Korean economy, for example, 
ranks where in the world?
    Ambassador Kim. 10th or 11th.
    Mr. Connolly. Yeah. So the 10th or 11th largest economy in 
the world had its banking system shut down by a cyber attack, 
and I think that is a real warning in terms of both what the 
North's capability is and the vulnerability of a whole sector 
of not just South Korea's economy, but, frankly, our own as 
    China. How--how helpful do we think--you mentioned in your 
opening statement that China has been more forthcoming and we 
want them to be even more forthcoming, but the Chinese 
themselves are engaged in cybersecurity attacks in a very 
systematic way sponsored by the PLA. That is state-sponsored 
cybersecurity attacks, so how reliable do we think the Chinese 
are going to be in trying to rein in the North Koreans in their 
cybersecurity malfeasance?
    Ambassador Kim. Well, I will defer to General Touhill for 
part of the question.
    Mr. Connolly. Who are you--to whom?
    Ambassador Kim. To our DHS colleague----
    Mr. Connolly. Okay.
    Ambassador Kim [continuing]. For part of your question.
    Mr. Connolly. All right.
    Ambassador Kim. Just more generally, I do believe that the 
Chinese cooperation on the North Korean issue, all dimensions 
of it, has improved in recent years. I would point to their 
cooperation in the U.N. Security Council for passing a 
resolution act of the North Korean nuclear test last year as an 
example of how their cooperation has improved. I think it can 
improve much further, and we are going to continue to work on 
persuading the Chinese that when they think about their 
strategic interests, unconditionally defending North Korean 
    Mr. Connolly. Yes, but my question--we are limited in time, 
Mr. Ambassador. I understand all of that in general, but when 
it comes to this topic, cybersecurity, their hands are dirty.
    Ambassador Kim. Well----
    Mr. Connolly. And the question, why would we count on them 
to help us rein in North Korean cybersecurity attacks when they 
are engaged in it with all four paws in the snow?
    Ambassador Kim. Well, I think one of the reasons is that 
when they saw our company, Sony Pictures Entertainment attacked 
like this in such a disruptive manner, it should have been a 
wake-up call to Chinese.
    Mr. Connolly. Yes.
    Ambassador Kim. The Chinese contingencies are also subject 
to irresponsible attacks from countries like North Korea and--
    Mr. Connolly. I am sorry. We are running out of time, but 
thank you. General, did you want to comment?
    General Touhill. As we take a look at information sharing 
and the common threats and vulnerabilities that are out there, 
when we have a common threat, and as the Ambassador had 
mentioned, some of the things that were observed could just as 
easily threaten the Chinese, so it is in everyone's best 
interest to address the issues and make sure that everyone is a 
responsible member of the world community.
    Mr. Connolly. Well, Mr. Chairman, just a final observation. 
That sounds very noble and Boy Scout-like, but the fact is that 
the Chinese have been stealing military secrets from us, 
including weapons designs and bypassing, you know, the R&D 
stage for quite some time in a very systematic way. The 
Pentagon knows that because the Pentagon has been one of the 
biggest victims, and it just seems to me, I wouldn't rely on 
the Chinese in that respect on this subject given their record, 
and it is a problematic aspect of what we are talking about 
today. Thank you, Mr. Chairman.
    Chairman Royce. We go to Judge Poe of Texas.
    Mr. Poe. Thank you, Mr. Chairman. Thank you all for being 
here. Globally, there seems to be, among the many bad folks in 
the world, three main countries. You got Syria, you got Iran, 
and you got North Korea. I call them the SIK axis, S-I-K axis, 
because they are in different parts of the world, and they are 
a little sick. But I understand that the official definition of 
nuclear weapons from our Government is you have the bomb but 
you also have a delivery system. I want to divide that 
definition and just talk about the weapon, the bomb itself.
    Does North Korea have a bomb of some magnitude? Ambassador? 
It is just yes or no.
    Ambassador Kim. I wish I could just give you a simple yes-
or-no answer.
    Mr. Poe. Can you say yes or no? I just need a yes or no. 
Either they have got it or they don't have it.
    Ambassador Kim. Well, we know that they have continued to 
work on their nuclear capabilities.
    Mr. Poe. We all know that. Do they have the bomb, 
Ambassador? I just need an answer.
    Ambassador Kim. I am not sure I can say that.
    Mr. Poe. Mr. Glaser, you got an answer?
    Mr. Glaser. I would defer to the State Department on that.
    Mr. Poe. So you don't know whether they have a bomb or not.
    Mr. Glaser. As Ambassador Kim stated, North Korea has--
well, North Korea has conducted nuclear tests.
    Mr. Poe. And they have sent satellites into orbit.
    Mr. Glaser. They have conducted nuclear tests.
    Mr. Poe. All right. General, you going to pick a horse and 
ride it? Do they have a bomb or do they not have a bomb?
    General Touhill. Sir, I do not know.
    Mr. Poe. You don't know. All right.
    Now, I personally think they have the capability to make 
one based on hearings we have had in this committee. Looking on 
the other end, the delivery system. The President of North 
Korea said he wants to develop intercontinental ballistic 
missiles, and for some reason, he said he wants the first 
intercontinental missile to go to Austin, Texas. I take that a 
little personally, since I am from Texas.
    What is the status of the delivery system, if you know? 
    General Touhill. Sir, I do not know.
    Mr. Poe. Mr. Glaser?
    Mr. Glaser. It is----
    Mr. Poe. Do you know?
    Mr. Glaser [continuing]. Really not a Treasury Department 
issue, the status of the delivery system.
    Mr. Poe. How about you, Mr. Ambassador, back to you?
    Ambassador Kim. Sir, we will be happy to provide you a full 
briefing in a classified setting on their capabilities, both on 
nuclear and missiles.
    Mr. Poe. Okay. Well, we have had some open hearings. They 
have the ability, I understand, to develop and make, as they 
call it, a scud in a bucket. Are you familiar with that, Mr. 
Ambassador? A missile that can go from North Korea to South 
    Ambassador Kim. Yes, I am. Yes.
    Mr. Poe. They have the capability to do that?
    Ambassador Kim. Yes.
    Mr. Poe. All right. The United States used to have North 
Korea on a state sponsor of terror list, but it was removed in 
2008. Based on what you know, do you think it might be a good 
idea to put them back on the state sponsor of terror list, Mr. 
    Ambassador Kim. Sir, there is--as you know, there is very 
clear criteria on designating----
    Mr. Poe. Do you think they should be back on the list? I am 
just asking another yes-or-no question.
    Ambassador Kim. Sir, my personal opinion I don't think is 
    Mr. Poe. But that is what I want to know is your personal 
    Ambassador Kim. There is a criteria. There is a process, 
sir, and we are constantly evaluating all available 
intelligence and information to determine whether North Korea 
should be designated.
    Mr. Poe. How long is that evaluation going to take? I mean, 
after all, they are hacking into our cybersecurity in the 
United States. I mean, do you all have a time limit on how long 
you are going to take?
    Ambassador Kim. Sir, I understand your concern and 
frustration, but as a matter of law, the Secretary of State 
must determine that the government of that country has 
repeatedly provided support for acts of international 
terrorism, and we are in an ongoing process to determine 
whether North Koreans meet that criteria. If they do----
    Mr. Poe. Do you think that----
    Ambassador Kim. If they do, we will take immediate action.
    Mr. Poe. Excuse me, Mr. Kim, I am reclaiming my time. Do 
you think that hacking into our system is an act of terror or 
    Ambassador Kim. I believe that is beyond my----
    Mr. Poe. So you don't have an opinion.
    General, you got an opinion? You are in the military. Is 
that an act of terror or not? I mean, people are afraid to say 
it is an act of war. I am just wanting your opinion.
    General Touhill. I think, sir, as we take a look at this, 
this is something that should be part of the public debate, and 
we should have a conversation not necessarily constrained to 
this particular incident, but as we take a look to the future 
for any cyber incidents, we should have a public conversation 
as our next step.
    Mr. Poe. That is the diplomatic version, I assume, but it 
seems to me that it is an act of terror. We ought to strongly 
consider putting North Korea, these outlaws, on state sponsor 
of terrorism list. I don't know why we are so timid in doing 
that. It seems like the right thing to do. The logical thing to 
    I hope the State Department eventually makes up their mind 
before more of these attacks occur against the United States. I 
agree with Mr. Connolly when he said that the line is very thin 
between an attack upon the Government of the United States and 
attack on private industry in the United States. That seems to 
me to be an act, an attack, is a terrorist attack. Anyway, I 
will yield back, Mr. Chairman. Thank you.
    Chairman Royce. Very good. We go to Brian Higgins of New 
York. Mr. Higgins.
    Mr. Higgins. Thank you, Mr. Chairman. The nuclear missile 
and cyber threat of North Korea is profound. Now, the question 
is how does the United States respond to North Korea's cyber 
attack on Sony, an attack to punish Sony for making a movie 
that humiliated the Supreme Leader. United States' options are 
very few. Counterattack to weaken North Korea's political 
military and economic assets, highly ineffectual. Number two, 
relisting North Korea as a state sponsor of terrorism with new 
sanctions, and that, we don't have much of an economic 
relationship with North Korea. That, too, would be highly 
ineffectual. The serious threat posed by North Korea far 
exceeds cyber attacks. North Korean cyber attacks, I think, are 
indicative of future intent. Intent backed by considerable 
    There is only one geopolitical option equal to North 
Korea's threat, and that is to work with our allies, both new 
and old, to end North Korea's existence as an independent 
entity, and reunifying the Korean peninsula.
    North Korea's nuclear threat. North Korea has four to 10 
nuclear devices, and hundreds of short and intermediate range 
missiles. They have an active uranium and plutonium program, 
and it is not inconceivable that North Korea, in time, will 
have a nuclear capability to reach the United States.
    The North Korean regime is a proliferation threat. A decade 
ago, it was helping to build a nuclear reactor in Syria, and it 
is a potential source of missiles and nuclear materials to 
rogue states, including terrorists. North Korea has a serious 
conventional military which is a threat, an existential threat 
to the region. It has a population of 25 million people, and 
the fourth largest army in the world. North Korea's army is two 
times that of South Korea with its population which is half of 
South Korea.
    There are 28,500 American troops in South Korea. Further 
aggression by North Korea would bring the United States into a 
major costly and dangerous war. North Korea is a threat to its 
own people. Their crimes against humanity, crimes against their 
own people include extermination and murder, enslavement and 
forced starvation. One hundred thousand political prisoners 
held under horrendous conditions. North Korean cyber attacks 
against Sony are not new. North Korea regularly attacks South 
Korean banks and businesses.
    Also, there is a changing view of North Korea by its 
neighbors and only economic sponsor. China and South Korea have 
changed their views. The South Korean President used to be 
lukewarm to talk about a unified Korea. Today, the South Korean 
President speaks openly of reunification and of the enormous 
economic benefits of that unification.
    China is frustrated that North Korea ignores its request to 
freeze or dismantle its nuclear program. With a nuclear armed 
North Korea, South Korea and Japan will want or need to develop 
a nuclear weapons program. China increasingly is viewing North 
Korea as a strategic liability, not an asset. China views North 
Korea as a growing threat to China's stability, and China's 
ties to South Korea have flourished. China is South Korea's 
leading economic partner, and China's President regularly 
visits South Korea and not North Korea.
    So while the discussion here is centered on cyber attacks, 
I think there is a large discussion that needs to take place. 
Your thoughts.
    Ambassador Kim. Thank you, Congressman. I think you are 
absolutely right about China's evolving, improving relations 
with South Korea, and this is relevant to one of the points 
that one of your colleagues made earlier which is, I mean, what 
China's strategic perspective? I don't think we can continue to 
assume that unconditionally defending North Korean misbehavior 
is in China's strategic interest. In fact, I think there is an 
ongoing serious debate going on in Beijing on the future 
direction of their North Korean policy, and one of the reasons 
is because they see the future of their relationship with South 
Korea, a major trading relationship, huge flow of traffic, 
students, tourists, business people, and I think that is where 
the future is for China on the grand peninsula. And this is one 
of the reasons why we are starting to get more forthcoming 
cooperation from the Chinese with regards to dealing with North 
Korean threats and misbehavior.
    Ms. Ros-Lehtinen [presiding]. Gentleman's time is expired.
    Mr. Duncan of South Carolina.
    Mr. Duncan. Thank you, Madam Chairman. North Korea has a 
history of cooperation with a wide range of other rogue 
regimes, including Syria, Iran, and Cuba, although I don't 
guess it is politically correct to say Cuba is a rogue regime, 
but I am going to keep them on the list because I don't believe 
a tiger changes his stripes that quickly.
    Let's make some connections. North Korea. A North Korean 
ship was seized by Panama in July 2013. It was found to be 
carrying Cuban and Soviet air weapons from Cuba. It actually 
sailed through the Panama Canal to Cuba, turned its transponder 
off, went to Havana, was loaded with aircraft parts, MiG-21s, 
and other aircraft and military hardware covered with sugar, 
taken back to the Panama canal, seized by Panama, found--
discovered the weapons in the ship. Thirty-two crew members 
were released. The other three are still being held, I 
    So you have got the Cuban/North Korean connection there. 
Let's talk about Venezuela. Venezuela is Cuba's largest and 
best ally in the region and especially in the post-Soviet era. 
Venezuela. If I look back to, I guess, December 2011, 
Venezuela's top diplomat in Miami was linked to an alleged 
cyber terrorism plot against the U.S. in collusion with Iran. 
There is another rogue connection with Iran, and there has been 
flights from Tehran to Havana to Venezuela, I believe.
    So you have got Venezuela involved in cyber terrorism 
possibly against the United States, at least allegedly. You 
have got a Cuba connection with North Korea, and we have got 
now a North Korean cyber attack on an American company. 
Continues a lot of rogue nations involved in cyber terrorism 
and other things, so I have got to ask, Ambassador, how and to 
what extent is North Korea engaging with allies such as China, 
Russia, Iran, Syria, Cuba, and possibly maybe just by 
association, Venezuela, and the connection to cyber terrorism 
    Ambassador Kim. Generally speaking, we are obviously deeply 
concerned about North Korea's relations with some of the 
countries you mentioned. I mean, I don't have any specific 
information with regards to their cooperation in cyber attacks 
and cyber space, but we do know that North Koreans had 
relations with a number of the countries you mentioned, and it 
is something that we monitor very closely. The ship 
interdiction that you mentioned is one important example of how 
international cooperation can yield results on the sanctions 
front, and I think that is a very important point, because as 
the Congressman from New York mentioned, because of our limited 
dealings with North Korea directly, we need international 
cooperation to make sure that sanctions, both international and 
unilateral sanctions actually can be effective, and that the 
situation you mentioned is a perfect example of that.
    Mr. Duncan. Okay. Treasury, are you tracking money? Is 
there any evidence of money going from North Korea to Iran to 
Cuba to Venezuela, any of these connections, are you aware of 
any of that?
    Mr. Glaser. Yes, we spend a lot of time, obviously, working 
closely with the intelligence community that does--does the 
real tracking to try to identify North Korean financial 
networks wherever they might be, whether it is with the regime 
such as Iran or institutions in Iran, in Asia, potentially in 
South America.
    To be honest with you, I think when it comes to trying to 
apply financial pressure on North Korea, we shouldn't take our 
eye off the ball, and the ball is Asia. That is where North 
Korea gets its primary access to the international financial 
system. Asia broadly, certainly China specifically, and that 
is--as we divide strategies to try to put pressure on North 
Korea, that is----
    Mr. Duncan. They are sending some of that money in his 
hemisphere. They purchase weapons from Cuba.
    Mr. Glaser. And we responded, I mean, as Ambassador Kim----
    Mr. Duncan. I don't think Castro just gave them the 
    Mr. Glaser. Right. And that is--and again, that is why we 
look at KOMID, their primary arms dealer. There is other arms 
dealers we targeted. We are trying to go after those arms 
dealers. We are trying to go after the financial networks that 
support those arms dealers. Tanchon is the designated entity. 
That is the financial arm of KOMID. That is another entity that 
we go after.
    So what we are trying to do is make it more difficult, if 
not impossible, I don't know that you ever get to impossible, 
but certainly to disrupt and dismantle their ability to move 
these funds around the world and ultimately repatriate and use 
those funds. And that involves, as you point out, chasing the 
financial networks, but I think importantly what it involves is 
identifying where the financial nodes are that allows them to 
ultimately use those funds.
    Mr. Duncan. Okay. I am going to reclaim my time because you 
are aware of it, and I think you have answered the question for 
me. I want to ask on the cyber side. Are you----
    Ms. Ros-Lehtinen. Gentleman's times is expired. Thank you, 
Mr. Duncan.
    Mr. Lowenthal is recognized.
    Mr. Lowenthal. Thank you, Madam Chair. I am going to follow 
up on some questions that have already been asked, and I think 
to Ambassador Kim. You have already indicated that we are 
beginning to see indications that China, too, has grown weary 
of North Korea aggression. I think you answered that. I would 
like to know is there anything else that you could add--two 
questions. Is there anything else you can add to the evolving 
relationship that you haven't described between People's 
Republic of China and Pyongyang, and specifically also, what I 
am interested in as we go forward, how is the United States 
engaging the People's Republic of China and our common 
interests in a more stable Korea? What specifically are we 
doing as we go forward?
    Ambassador Kim. Thank you very much, Congressman. I think 
in terms of evolving relations between Beijing and Pyongyang, 
to me it is clear that Chinese are thinking much more seriously 
about their North Korea policy, and I think they are beginning 
to realize that when North Koreans misbehave, it hurts China's 
own interest. It is not a question of North Koreans misbehaving 
without any effect on China. China's own interests are harmed 
when North Koreans misbehave, and I think that affects Chinese 
approach in North Korea, affects their cooperation with us on 
how to deal with the threat posed by North Korea.
    One obvious example is if you look at the interaction 
between the leadership of China, South Korea, North Korea. Xi 
Jinping and Park Guen-hye have had numerous meetings in the 
first 2 years of their leadership. President Xi visited South 
Korea. President Park's second overseas visit after her 
election was to China after visiting the United States first, 
and a number of interactions in multilateral 4 as well. Zero 
interaction between Xi Jinping and Kim Jong Un. I think that 
actually says quite a bit about the state of relations between 
China and North Korea.
    I think we want to want to work with China so that they 
work more effective with us, they cooperate better with us in 
terms of sanctions enforcement, in terms of preventing North 
Korea from taking provocative actions, and also in terms of 
working toward a credible return to negotiations, because we 
haven't given up on negotiations. We do want to try to resolve 
the nuclear issue through the Six-Party process, and I think 
Chinese have a clear stake in that. For one thing, they chaired 
the Six-Party process.
    So we--this is a prominent topic between us and the Chinese 
at all levels. President Obama talks about it with President Xi 
at every meeting and on down, Secretary Kerry, et cetera, and 
this is an effort that will continue to take very seriously.
    Mr. Lowenthal. Thank you. My next question is to General 
Touhill. You have indicated to us that you are fairly satisfied 
that it really was the North Koreans in terms of the Sony cyber 
attack even though you are not able to discuss with us some of 
the classified--potentially classified information.
    Recently FBI Director James Comey, in responding to some of 
the same issues, has urged the intelligence community to 
declassify more details of the evidence to counter some of 
these skeptics. Can any of you--can you specifically talk to us 
about the status of declassification and whether we will be 
able to--what those discussions are and will we be able to see 
some of this information?
    General Touhill. Thank you very much for the question, sir. 
Regarding that particular declassification effort, I am not 
part of that conversation, but overall, our position has always 
been information sharing requires as transparent information 
transfer and declassification as much as possible. We believe 
that it is important to share information across the whole 
community as much as possible, so we are very much in favor of 
Director Comey's efforts.
    Mr. Lowenthal. The other question, the last question for 
any of you. Is there a potential fear on the part of the 
Chinese or others that there could be a collapse in the North 
Korean Government?
    Ambassador Kim. I mean, I think we think about--prepare for 
all contingencies on the peninsula. I don't think any of us 
have a magic insight into what might happen to the North Korean 
Government any time soon, but the important thing is that we 
continue to coordinate very closely with partners in the 
region, including China, so that we are best prepared--
effectively prepared for whatever happens on the peninsula.
    Mr. Lowenthal. Anyone else wish to take--General?
    General Touhill. I have nothing further to answer.
    Ms. Ros-Lehtinen. Gentleman's time is expired.
    Mr. Lowenthal. I yield back.
    Ms. Ros-Lehtinen. Thank you. And now we are so pleased to 
recognize Mr. Ribble of Wisconsin, a new member of our 
    Mr. Ribble. Thank you, Madam Chair, and I want to thank the 
panel. You guys have been patient this morning. Thanks for 
being here.
    Mr. Glaser, how large is North Korea's GDP?
    Mr. Glaser. I am sorry, Congressman. I don't have the exact 
number. It is relatively small certainly for a country that 
size, but we can get you the percentage.
    Mr. Ribble. Okay. Mr. Kim, do you know, by any chance?
    Ambassador Kim. Not offhand.
    Mr. Ribble. Okay. I mean, reports--reports would tell us it 
is somewhere in the range of 13 to 20 billion, somewhere in 
that. Does that sound reasonable to you? I want to go back to 
the line of questioning given that about 25 percent of their 
GDP is agriculture. It is really relatively small.
    Give you a point of reference. Sony pictures' annual 
revenue is 8 billion. So if their GDP is at the lower end of 
that spectrum, you remove the amount for agriculture, Sony's 
revenue is about the same size of their GDP, so this goes back 
to the money.
    I think ultimately if you can follow the money, you can get 
some sense of what their capabilities actually are. I am 
curious again on the money, where it is coming from, and could 
you talk to us a little bit about the use of forced labor in 
North Korea, and is that part of where the money is coming 
from, at least the workforce is coming from?
    Mr. Glaser. Well, as far as their access to hard currency, 
there is a little bit of legitimate trade that they engage in 
with a variety of countries. They also receive a significant 
amount of support from China, and then, of course, they engage 
in a variety of illicit activity to supplement their income.
    As you point out, they are a very small country. They 
really only care about the needs of the top echelons of their 
society. So by engaging in illicit activity and illicit 
financial activity, by engaging in conventional arm sales, they 
can raise hard currency that keeps things comfortable, at least 
for the small--you know, the small group of people that is on 
    That is why--you know, that presents us challenges and 
opportunities. The challenges are, they don't need broad 
access. When you are dealing with a country, say, like Iran and 
you look at our sanctions program with respect to Iran, it was 
a target-rich environment, and the idea was, you know, this is 
a large economy. We need to shut off broad access.
    We have already--you know, as I had the exchange with 
Chairman Royce, that has already been accomplished with North 
Korea based on actions that we have taken in the past and just 
based on the fact that they are--that they self-impose 
isolation on themselves. So the idea is trying to identify the 
nodes that you could put your finger on that really have an 
impact. Foreign Trade Bank, Daedong Bank, Daesong bank, these 
are points of access to the financial system, and then how do 
you work with--where will they get, you know, their key points 
of access, namely China, to persuade the Chinese that it is in 
Chinese interest.
    There has been a lot of questions on how do we--you know, 
why would China work with us? China is not going to do us any 
favors. China is going to work with us because it is precisely 
in their interest that North Korea not engage in illicit 
activity because it is precisely in their interest that North 
Korea not abuse their financial system, and we have seen their 
commercial banks make that decision time and again.
    So that is the challenge. That is the strategy. It is 
frustrating because it is difficult, but it is something that 
we have been committed to for 10 years, and it is something 
that we are committed to continue in.
    Mr. Ribble. And it is extraordinarily frustrating because 
the economy is so small. It is difficult to get it. That is why 
my question went more on forced labor and human trafficking, 
the element of revenue that is there because free labor is 
actually a large--could be a large number, and are you aware of 
the North Koreans using, in essence, forced labor to do 
construction or anything?
    Mr. Glaser. Sure. You know, North Korea is a human rights 
disaster, and as I said before, the North Korean Government 
bears full responsibility for all the misery that they inflict 
on their people. I would defer to Ambassador Kim to get into 
the details of how--of the precise mechanisms by which they 
oppress their people but certainly there have been extensive 
reports on the use of forced labor.
    Mr. Ribble. Ambassador Kim, would you would like to add 
    Ambassador Kim. Thank you. I would just add that we know 
that forced labor is a part of North Korean human rights abuse. 
We don't have any figures on how much that contributes to their 
GDP, but the important thing is that the North Korean human 
rights record is among the worst, if not the worst, and this is 
why we need to pay attention to this issue, and this is why I 
think what happened in the U.N. Context last year is so 
significant with both the Commission of Inquiry report findings 
as well as the overwhelming passage of the human rights 
    Mr. Ribble. Thank you, Madam Chair. I yield back.
    Chairman Royce [presiding]. And Mr. Ribble, there has been 
some good reporting on the use, for example, in forestry and 
other sectors, mining. But forestry, in particular, the use of 
chain gangs, North Korean, what would you call it, forced 
labor, in order to bring hard currency back into the country 
and the fact that those workers never see any of that money.
    We now go to Ms. Tulsi Gabbard of Hawaii.
    Ms. Gabbard. Thank you very much, Mr. Chairman. Thank you, 
gentlemen, for being here. Mr. Ambassador, it is good to see 
you again. As you know, and as is very apparent to all of my 
constituents, I come from Hawaii, which is a place 
geographically most closest to the Korean peninsula and a place 
where people, people who are not sitting in rooms like this, 
actually monitor and listen when North Korea beats its drums 
and delivers its threats, and when we learn about these nuclear 
tests and continual increased capabilities by North Korea 
because it is something that is real for everyday families in 
Hawaii who currently sit within range of North Korea's missile 
    I think it has been unfortunate that we have seen a 
disconnect in a lot of different ways. Some people within our 
Government, others who are so-called experts on North Korea who 
have really been very dismissive of the real threat that exists 
coming from North Korea, so I appreciate that we are having 
this hearing to kick off this year because it is a threat that 
we have to take seriously.
    My first question goes to Ambassador Kim and Mr. Glaser 
with regards to China. Clearly, China has expressed that it is 
in their best interest to continue to have stability, and it is 
good to see that they are interested in working with us to deal 
with the instability that is caused by North Korea's cycle of 
threats, and I am wondering what specific things, what specific 
targets are you looking for in working with China to deal with 
North Korea?
    Ambassador Kim. Thank you very much, Congresswoman. China 
obviously values stability on the peninsula, but as you 
suggest, I think they are beginning to realize that North 
Korean misbehavior causes instability on the peninsula, and 
that hurts China's interest.
    We are looking to improve our cooperation with China on 
several fronts. Number 1, on sanctions enforcement, and here I 
think we have seen some instances where Chinese enforcement has 
been strengthened considerably. We also want to work with them 
to make sure that North Koreans don't take any provocative 
actions, and over the years we have seen numerous examples of 
North Koreans taking irresponsible provocative actions; this 
cyber attack on Sony is just the latest example. But they have 
had attacks on South Korean assets, islands, et cetera. So we 
need to prevent North Koreans from acting that way.
    We also want to work with the Chinese on how we can get 
back to some credible and meaningful negotiations on 
denuclearization because we cannot forget that the North 
Koreans are continuing to pursue this dangerous program, and we 
need to work with China and other parties in the region to try 
to get this problem under control and work toward lasting, 
verifiable, and complete denuclearization of the Korean 
    Ms. Gabbard. Anything to add?
    Mr. Glaser. Just to go back to your question about the 
types of targets that we look for and that we work with the 
Chinese on. I guess you could think about it this way, that 
there are--the North Koreans, I would say, have two primary 
ways that they would access the international financial system, 
including the Chinese financial system, and that would be 
directly through their banks or that would be working through 
front companies or individuals who are disguised--disguise 
their true employer, their true origin. And so we would--we 
would want to, we do focus on both. We work with the Chinese on 
both. We try to share information on both with respect to 
financial institutions.
    As I said before, we have imposed sanctions on the major 
North Korean financial institutions that give it access to the 
financial systems, including Korea Kwan Sang Bank which has a 
branch in China, and this is obviously an issue that we raise 
on a regular basis with the Chinese. We have seen that there 
has been an impact, and the major Chinese banks have cut these 
institutions off.
    Now, there are many smaller banks in China, so there are 
many opportunities for them to gain access, but at least as far 
as the large commercial banks, we know we have had an impact. 
With respect to front companies, that is an ongoing challenge. 
We try to share information with our Chinese counterparts on 
that so that they could take steps to protect their financial 
system. Sometimes they follow up on that, sometimes we are less 
successful in persuading them to follow up on that type of 
    Ms. Gabbard. Just real quick. Sorry. I am about to run out 
of time. You had mentioned earlier when the chairman brought up 
hard currency sanctions, you had said that they had the impact 
that was intended. The policy, in my view, wasn't in place long 
enough to really have the impact that it could have to force 
major change within North Korea, so we would like to see how 
this policy will be pursued again. I am out of time.
    Mr. Glaser. Again, for 10 years now we have been trying to 
isolate North Korea from the international financial system. We 
have had a lot of success in doing that. As I said before, 
though, the problem is that they don't need broad access. They 
only need a few points of access to gain--to get what they 
need, which again presents challenges and opportunities. The 
challenges are finding those points of access. The 
opportunities are when you do find those points of access, you 
can have a major impact.
    So certainly the goal, the overall goal is for North Korea 
to act as a responsible member of the international community. 
We have not achieved that goal. That is an ongoing effort that 
is going to be not based solely on sanctions but our overall 
policy and all those things Ambassador Kim talked about.
    But from a Treasury perspective, we are going to keep doing 
our part of that which is keeping the pressure on and 
increasing that pressure as much as possible to try to present 
a starker choice for the North Korean regime as possible.
    Chairman Royce. Congresswoman, North Korea had indicated to 
State that they would open negotiations again. That is where 
the sanctions were lifted. Unfortunately it turned out they 
fibbed, and this has been sort of the problem with North Korea. 
We get a little leverage, and then they somehow manage to 
convince us that they are going to turn over a new leaf, the 
sanctions are lifted, and then after the fact, we find out they 
are full bore again, you know, developing toward their nuclear 
weapons programs. And I think the problem, at the end of the 
day, having talked to their former minister of propaganda who 
defected into China, at the end of the day, the problem is that 
their number one goal is to get that ICBM delivery capability 
for a nuclear weapon, and we should recognize that that is what 
is driving them, and cutting off their access of funds to do 
that is very much in our national interest.
    Let's go to Mr. Curt Clawson of Florida.
    Mr. Clawson. Thank you all. Excuse me. Express my 
appreciation to all three of you for coming here today and also 
your service to our country is noted, and we are very grateful 
for what you do.
    Let's drill down a little bit on something that was 
mentioned earlier if you all don't mind about submarines. The 
research group 38 North recently reported that North Korea may 
have installed vertical missile launch tubes on a submarine.
    Mr. Kim, does the administration concur that North Korea 
has installed missile launch tube capabilities on this 
submarine? Does the administration believe that North Korea is 
pursuing a sea-based nuclear strike capability? And what would 
the consequences of that sort of capability be for the region, 
for the security of our allies, and for the security of the 
United States? Thank you.
    Ambassador Kim. Thank you, Congressman. I don't have 
anything to offer in terms of specifically confirming the 38 
parallel report. As I said before, we are obviously deeply 
concerned that North Koreans are continuing to pursue many 
dangerous capabilities. We do know they have been interested in 
developing their submarine capabilities, so I would not rule 
anything out. But beyond that, I would be happy to arrange a 
classified briefing for you in which we can provide a fuller 
picture of our assessment of their capabilities at the moment.
    Mr. Clawson. I appreciate that offer. I think that would be 
excellent. And if, with their growing nuclear capability in the 
region in general, what does that imply for us and for our 
allies, not just in submarine?
    Ambassador Kim. I think it poses a grave threat to our 
allies in the region. It poses a grave threat to the U.S. 
directly, and this is why we need to intensify our effort on 
all aspects that we talked about this morning, which is on 
sanctions, making--trying our best to cut off funding for them 
to use on their dangerous programs, to working with our 
partners, and that brought in the international community to 
change, to borrow the chairman's words again, to change the 
equilibrium in North Korea so that they realize that they 
cannot continue to pursue their dangerous programs and hope to 
get out of this international isolation that they have been 
    One of your colleagues also mentioned earlier that the 
greatest threat--I believe it is Ranking Member Engel who 
eloquently mentioned that the greatest threat the North Koreans 
pose is to their own people, and I believe that is true. I 
mean, having visited North Korea several times myself, I have 
deep sympathy for the North Korean public, which has continued 
to suffer as a result of the leadership's bad decisions, and I 
think we need to try to work harder so that we are not only 
dealing with the dangerous nuclear and missile programs that 
North Koreans are continuing to pursue but also to try to 
improve the situation for the North Korean public which has 
been suffering so badly.
    Mr. Clawson. Thank you.
    Chairman Royce. Bill Keating from Massachusetts.
    Mr. Keating. Thank you, Mr. Chairman, and I would like to 
thank our witnesses for their patience and for being here. We 
talked a lot about the international community and how they can 
affect things. I am a member also of the Cybersecurity 
Subcommittee of the Homeland Security Committee. We realize we 
have to go further than just our own domestic abilities to 
influence the situation, and we have discussed China a great 
deal. But let me ask you a question about Russia.
    Russia continues to supply oil to Jong Un, and recently 
this reports, and I think it is for the first time that Kim 
Jong Un has favorably acted on an invitation from Russia to 
attend ceremonies in May commemorating the anniversary of World 
War II's ending. This, to my knowledge, is the first, one of 
the first public international visits that he will do as a 
supreme leader, so if you factor in those kind of issues, what 
is the relationship with Russia and North Korea in the opinion 
of any of the witnesses that would like to comment on that?
    Ambassador Kim. Thank you, Congressman. As you point out, 
Russia has recently had some senior level contact with North 
Korean officials. In fact, Kim Jong Un sent one of his top 
deputies to Moscow just recently. There has been some 
indication of Russian investment into North Korea, but I am 
convinced that the Russians do remain committed to our shared 
goal of denuclearization. In fact, if you look at the public 
statements that came out immediately following the senior North 
Korean officials visit to Moscow was all about Russia's 
commitment to the Six Party process, to denuclearization, and 
how they would strongly oppose a nuclear test by North Korea. 
So yes, the picture looks mixed, but I think fundamentally the 
Russians do remain committed to the goal of denuclearization.
    Mr. Keating. Do you think there is any possibility that 
North Korea did have some assistance either in the Sony attack 
or other attacks from other experts, and then, you know, not to 
deny that their sole responsibility as the instigator, but 
getting expertise they may not have had, could have that 
happened formally or even on the private side with Russia, 
given their expertise in this area? Are there any concerns that 
that might have been a factor?
    General Touhill. Thanks for that question, sir. You know, 
frankly there is--there is always that possibility. At this 
point, however, I have not seen any intelligence that indicates 
that. Thank you.
    Mr. Keating. Just lastly, because we did spend a great deal 
of time talking about China. What other Asian communities do 
you feel could be useful in our efforts to deter this kind of 
cyber activity? What other countries could we get assistance 
from allying together on this cause?
    General Touhill. Well, thank you, sir, for that question. 
As we have taken a look at it from the Department of Homeland 
Security and our information sharing, we have several different 
engagement organizations such as the Asian Pacific Computer 
Emergency Response Team, which we did, in fact, share 
information on, the collection of 21 different countries. We 
also used our International Watch and Warning Network 
membership and shared information out to over a dozen other 
countries. This really is something that has impact across 
many, many different countries, and we have leveraged all of 
our different partnerships across the international community 
to share information regarding this incident.
    Mr. Keating. Great. Well, thank you. I yield back, Mr. 
    Chairman Royce. Thank you. Thank you, Bill. We go now to 
Dave Trott of Michigan, a new member of this committee.
    Mr. Trott. I want to thank the chairman and all of you 
gentlemen for being here and allowing me to ask a few questions 
this afternoon. The first question is to Assistant Secretary 
Glaser. Do you think Executive Order 13687 is sufficient to 
accomplish our goals?
    Mr. Glaser. Again, Congressman, our goal is for North Korea 
to act as a responsible member of the international community, 
so certainly that Executive order standing alone is not--is not 
going to get us there. It is about all of the Executive orders, 
all of the financial tools we have, combined with all of the 
efforts that Sung and the State Department are engaged in, and 
even then, it is an incredibly difficult and frustrating issue. 
But I don't think a single action or a single Executive order 
is going to get us there, nor have we asserted that it would.
    Mr. Trott. Do you think our actions and Executive orders 
over the past 10 years have moved the ball forward or have we 
lost ground with respect to what we want to accomplish?
    Mr. Glaser. Again, it depends on what you are referring to 
specifically. I think that we have been quite successful in 
applying financial and economic pressure on North Korea.
    Mr. Trott. You think there are fewer human rights 
atrocities, you think they are paying greater heed to the U.N. 
After 10 years or not?
    Mr. Glaser. No, I don't. As I said, I don't think that we 
have achieved our goal of them acting responsible, absolutely 
    Mr. Trott. So does the Executive order give you the 
latitude that the chairman's bill that passed in the last 
Congress with respect to secondary sanctions or do you feel you 
need more to pursue those sanctions? Because I think earlier 
you, I believe you spoke and you said you supported the North 
Korean Sanctions Enforcement Act that the chairman introduced 
last year. Would that be a fair statement?
    Mr. Glaser. No. It is not for me to opine on that 
legislation at this point. What I can say is that what the new 
Executive order gives us is a flexibility that we haven't had 
before to target the North Korean Government, to target North 
Korean officials, and to target those, and this is to your 
point, that provide material support to any designated entity. 
That is not authority that we have had before, and that is 
authority that I am sure we will put to good use.
    Mr. Trott. So if this doesn't work as well as we hope, what 
is plan B?
    Mr. Glaser. Plan B with respect to sanctions?
    Mr. Trott. What if North Korea doesn't change its bad 
behavior, what is plan B?
    Mr. Glaser. Well, again, there is a broad policy that is 
trying to move North Korea in the right direction. From our 
perspective, we have a strategy that we have been implementing 
for many, many years now to try to increasingly isolate North 
Korea from the financial sector, and I think that we have a lot 
of success that we can show. I think it is one way to bring 
pressure to bear on precisely the people that we need to, which 
are the decision makers in North Korea, because they are the 
ones who benefit from that.
    But, again, the broad goal is not to bring financial 
pressure on North Korea, the broad goal is to effect a change 
in North Korean behavior. And as you point out, we are not 
there, and it is incredibly frustrating and it is something 
that we work on every day to try to change.
    Mr. Trott. Thank you.
    Ambassador, is there any expedited effort to review the 
criteria to designate North Korea as a State sponsor of 
    Ambassador Kim. So the criteria is set by law. So what we 
are doing is to evaluate all of the available intelligence and 
information to determine whether the North Koreans meet that 
    Mr. Trott. Any idea when that will be done?
    Ambassador Kim. Well, it is an ongoing process, but I think 
as soon as we make the determination that there is credible 
evidence to support designation, we will move forward.
    Mr. Trott. And what problems, let's say we made an 
egregious error and somehow concluded that they were actually 
not responsible for state-sponsored terrorism, what problems 
would be created for us? Would they stop being as friendly and 
cooperative as they have been?
    Ambassador Kim. So I think it is a fairly straightforward 
matter in which we are trying to meet the requirements of the 
law, which says that the Secretary of State must determine that 
the government of that country has repeatedly provided support 
for acts of international terrorism. And we are trying to 
determine whether the North Koreans meet that criteria, and 
when we do, we will move forward.
    Mr. Trott. Any idea when that will be done, again?
    Ambassador Kim. Again, I think it is an ongoing process.
    Mr. Trott. Okay. Ambassador, how does South Korea view our 
actions and the measures we have taken, would they like us to 
do more?
    Ambassador Kim. They have been very supportive. We have 
stayed in very close touch with South Korea, as well as other 
allies, including Japan. As I mentioned earlier, they issued a 
very strong condemnation of the attack on Sony and have 
expressed strong support for our reaction to the attack.
    Mr. Trott. Thank you.
    Yield my time. Thank you.
    Chairman Royce. Thank you.
    We go now to Mr. Tom Emmer of Minnesota, a new member of 
the committee.
    Mr. Emmer. Thank you, Chairman Royce and Ranking Member 
Engel, for holding this important hearing. I would also like to 
thank the committee staff for their work and their patience, 
and the distinguished panel for attending the hearing to 
provide us with their analysis.
    Ambassador Kim, David Albright, the president of the 
Institute for Science and International Security, has commented 
that the North Korean policy of President Barack Obama's 
administration has been called ``strategic patience.'' And 
recently the President said, in response to the hacking, the 
Sony hacking, that the U.S. would respond ``proportionally.'' 
Can you define that for me and comment, if you will, on this 
strategic patience reference?
    Ambassador Kim. Thank you, Congressman. Strategic patience, 
I think, has been misunderstood as our policy. It is not. It 
was just a description of the approach we were taking about 
resumption of negotiations, precisely because of some of the 
important lessons we have learned from our previous efforts in 
negotiating with the North Koreans, both in the Six-Party 
process, but also bilaterally earlier in the Agreed Framework 
days of the mid-1990s.
    We wanted to make sure to take a very deliberate, cautious 
approach in coordination with our partners so that if and when 
negotiations resume we would have a much better chance, much 
more credible chance of actually making some lasting progress 
on the nuclear issue. So strategic patience just simply 
referred to that approach. It was not necessarily our policy 
per se. And I think that is where we are still, which is to say 
that we want to make sure that there is adequate preparation 
and that there is demonstration of commitment from the North 
Koreans to denuclearization before we return to negotiations.
    Mr. Emmer. So, Mr. Ambassador, if I can then take you to 
the next part of my question. And I understand that the 
``proportional response'' language was in response to the Sony 
episode, but is the administration now signaling an increase in 
    Ambassador Kim. I think that would be accurate. As 
Assistant Secretary Glaser pointed out, the new Executive order 
signed by the President gives us tremendous flexibility and 
broad authority to go after targets. As we develop information, 
as we meet standards of evidence, we will designate more North 
Korean entities, North Korean personnel, and this will make it 
more difficult for them to pursue their dangerous programs.
    Mr. Emmer. There are so many questions, and you have been 
very patient for all the people that are here. And this is a 
new process for me, and I know that time is limited. So if you 
could just give me this.
    Ranking Member Engel at the beginning today talked about 
the delicate balance of holding the North Korean leaders 
accountable while at the same time being mindful of the 
oppressed population. Can you tell me, and maybe this is a 
combination of Ambassador Kim and the Assistant Secretary 
Glaser, but how are you doing that, managing that delicate 
balance, and can you give us specific examples of how these 
supposed expanded authorities under the recent Executive order 
are being applied?
    Mr. Glaser. Well, again, I fail to see how any actions that 
we have taken through our financial sanctions or other 
financial measures we have applied to North Korea have 
negatively impacted the Korean people. As I have said time and 
again, the misery of the Korean people is attributable entirely 
to the policies and decisions of the Government of North Korea.
    Why we have adopted the approach that we have adopted is 
for a couple of different reasons, one of which is that in 
order for the Government of North Korea to maintain itself it 
needs access to hard currency, it needs access to the 
international financial system--not a lot, but it does need it. 
So when you identify----
    Mr. Emmer. And the time is running out.
    Mr. Glaser. I am sorry.
    Mr. Emmer. So if I could claim back the time. Could you 
give me a specific example of how you are doing that since the 
Executive order?
    Mr. Glaser. Well, simultaneous with the Executive order it 
was announced that we had employed the Executive order with 
respect to 3 North Korean entities and 10 North Korean 
individuals. Importantly, with respect to those 10 individuals, 
8 of them were employees of KOMID, which is the primary 
conventional arms company of North Korea. One of the impacts of 
that, at least as it has been reported in the press, is that 
the Government of Namibia is considering expelling two of those 
individuals. Now, this is an important source of hard currency, 
conventional arms sales in Africa.
    So, look, I am not doing a victory lap about this, but it 
is an example, one example, and it is going to be an ongoing 
effort of how we can and how we will continue to use that 
    Mr. Emmer. Thank you very much.
    Chairman Royce. Mr. Issa of California.
    Mr. Issa. Thank you, Mr. Chairman.
    General, a couple of questions. You are familiar in the 
National Defense Authorization Act of late last year that 
applies now that it provides sanctions against anyone 
supporting or engaging in industrial espionage in 
cybersecurity. Is that correct?
    General Touhill. Yes, sir, I am aware of that.
    Mr. Issa. Now, let me just go through quickly a couple of 
questions. North Korea has no independent access to the 
Internet. Is that correct?
    General Touhill. That is correct.
    Mr. Issa. So they are entirely dependent on a single 
strand, so to speak, of IP that comes from China. Is that 
    General Touhill. That is my understanding, yes, sir.
    Mr. Issa. And do you happen to know what the bandwidth of 
that is, if it is publicly available?
    General Touhill. I do not know off the top of my head, sir. 
We can get that for you.
    Mr. Issa. For argument's sake, let's call it the equivalent 
of what one home has from Cox or Comcast. So they have a range 
of IPs provided by China as though they were being provided by 
Comcast here in the District of Columbia, one line coming in 
from China. Is that correct?
    General Touhill. In essence, sir, that is correct.
    Mr. Issa. So two questions. First of all, do you have high 
confidence today that North Korea participated in the Sony 
espionage and/or any other espionage in the last year?
    General Touhill. Based on the evidence that has been 
provided by the Intelligence Community and the law enforcement 
community regarding attribution, I have confidence in their 
conclusion, sir.
    Mr. Issa. So pursuant to the NDAA, you now have the ability 
to have sanctions based on that, correct? Beyond financial. I 
mean, sanctions are a broader term.
    General Touhill. Agreed.
    Mr. Issa. However, the NDAA said provide sanctions against 
anyone supporting or engaging. Wouldn't it inherently be said 
that since the only way North Korea had the ability to do this 
was through a route provided by the People's Republic of China, 
that mainland China, China itself, has in fact supported 
espionage? Reasonable assertion by the American people. 
Couldn't have done it without China, China gives them the 
lifeline. As we know, China monitors all of its Internet 
transactions, it doesn't have a true open Internet per se. 
China, in fact, had to know what you know. Isn't that correct?
    General Touhill. You know, at this point, sir--and thank 
you for that question--I do not know what China knew at the 
    Mr. Issa. Do they know now? Have we directed to them the 
knowledge that we have sufficient so they know that in fact 
their lifeline to the Internet was, in fact, engaged in 
espionage, in other words, supporting industrial espionage by 
North Korea?
    General Touhill. Sir, we have shared our information with 
the Chinese Computer Emergency Response Team, we have had 
telephone conversations with them as well, and we continue to 
exchange information regarding this incident.
    Mr. Issa. So based on that, my question, which goes to the 
very heart of not the sanctions on a country that is so 
isolated that the only thing we know for sure is that their 
people are at least 6 inches shorter than people in the south, 
in fact, since sanctions on North Korea are extreme and have 
not worked, because they simply do not care enough about their 
people to relieve their suffering, and since the Government of 
China now knows that their lifeline was used to conduct 
industrial espionage, are we and will we hold China responsible 
to be an active participant in preventing this in the future, 
or should we, in fact, this committee, consider that under the 
NDAA China would then, by supporting espionage, by not taking 
action, be in fact held accountable in the future?
    General Touhill. I would have to defer to my colleagues for 
that question.
    Mr. Issa. Well, we don't have a China desk person, but, Mr. 
Glaser, you are close enough. Do you agree that, in fact, if 
another country, anywhere, provides direct support, and the 
Internet line is by definition direct support, that, as we like 
to say, they either have to be part of the solution or they are 
part of the problem?
    Mr. Glaser. Thank you, Congressman. I wouldn't want to 
opine under the statute, but I could say that, at least from a 
Treasury Department perspective, we are fully committed to 
holding entities within China responsible, and we have 
demonstrated that we are willing to target entities within 
    Mr. Issa. Pursuant to China, the Government of China 
providing a line to the Government of Korea that has been used 
in industrial espionage.
    Mr. Glaser. Again, Congressman, I don't think I am familiar 
enough with the details of all the facts and intelligence on 
that particular line of questioning. All I can say is that we 
have demonstrated that with respect to the authorities that we 
have, that we are prepared to use them with respect to parties 
that need to be held accountable.
    Mr. Issa. Thank you.
    Mr. Chairman----
    Chairman Royce. It is a very good point and it is one that 
in dialogue with Beijing, I certainly think, Mr. Issa, should 
be explored, because you are right, that line obviously has 
been used. And I think the other consideration is the fact that 
some of those involved in the hacking in the past, maybe not 
currently, but in the past had training in Beijing, as some 
have training in Moscow. And so I think reminding Mr. Glaser of 
the necessity of discussing this with those who might enable 
this kind of activity is a good point for you to raise.
    Go ahead. You had the floor.
    Mr. Issa. I was only sort of befuddled that the general, 
who now has authority over cybersecurity ultimately, in the 
last days of last year we transferred principal authority over 
cybersecurity to Homeland Security, so the General is here, he 
can provide Mr. Glaser with the questions and answers as to 
whether or not China, one, government line, two, North Korea 
perpetrated this, and three, the real question, which is, if 
that lifeline remains in effect and another attack occurs or is 
occurring as we speak, how do we deal with China?
    Obviously, it is beyond the scope of this hearing, but I 
think it is an important one of will China be part of the 
solution actively or are we to continue basically dealing with 
sanctions over a country that seems almost immune to sanctions 
because they are almost immune to outside hard currency except 
when they sell conventional weapons and/or nuclear secrets and 
use that to gain hard currency. That is where the challenge of 
how do we get China as an open partner, and that is why I had 
that line of questioning.
    And I thank you for your indulgence, Mr. Chairman.
    Chairman Royce. Well, thank you.
    We go now to Mr. Ted Yoho of Florida.
    Thank you, Mr. Issa.
    Mr. Yoho. Thank you, Mr. Chairman.
    Gentlemen, I appreciate you being here. I want to go back 
to 1994. What was the original intent of the nuclear talks and 
the agreement? Wasn't it to get away from nuclear proliferation 
and get into energy production in North Korea?
    Ambassador Kim. Well, it was the same purpose that we are 
pursuing now, which is denuclearization, to make the North 
Koreans abandon their nuclear program.
    Mr. Yoho. So they entered into the North Korea Agreed 
Framework with the United States. That broke down and they kept 
building nuclear capabilities. At what point were there 
triggers or signs that we knew they weren't staying true to 
their mission to get away from nuclear proliferation and 
getting away from--or their getting into nuclear proliferation 
and getting away from energy production? What were those signs?
    Ambassador Kim. Well, we had credible evidence, 
intelligence, that the North Koreans were continuing to pursue 
nuclear programs despite entering into this Agreed Framework 
arrangement with us.
    Mr. Yoho. All right. I am asking you these questions 
because we didn't respond in a timely manner and I want to know 
what parallels there are between North Korea and where we are 
with Iran right now in the nuclear so we don't make the same 
mistakes. Do you see any that we need to pay attention more 
closely to make sure we don't make that same mistake with Iran?
    Ambassador Kim. I am not in a position to comment 
specifically on our ongoing efforts with Iran. But I will note 
in the North Korea context, as we discussed earlier with the 
chairman, we have learned some very important lessons from our 
previous efforts, both the Agreed Framework, as well as the 
Six-Party process, and I think this is causing us to move much 
more deliberately and much more cautiously toward any 
resumption of negotiations. Because we want to make sure that 
when we resume negotiations, that we are going to actually 
achieve lasting progress and not repeat the mistakes of what we 
    Mr. Yoho. That is exactly what we have to do, and we need 
to learn from the past so we don't make those mistakes with 
    General Touhill, what is your feeling on that as far as 
what we have learned from our negotiations with Korea and where 
we are at with Iran?
    General Touhill. Well, thank you for the question, sir. 
Frankly, that is out of the scope of my expertise.
    Mr. Yoho. Okay. I will come back to that. I have got some 
other questions here. One of these goes along the line of what 
Mr. Issa was saying. I can't imagine North Korea being able to 
act alone in this. And I don't know if it is right to say, but 
I would see China acting as the puppeteer or North Korea being 
the puppet or the stooge being directed by China. Do you feel 
the same way in this?
    General Touhill. Thank you very much for that question as 
well, sir. At this point, I don't have any indication or any 
information that would indicate anybody but those that have 
been attributed by the law enforcement community.
    Mr. Yoho. All right. Let me ask, Mr. Glaser, what do feel 
on that?
    Mr. Glaser. I don't have any information for you on the 
ongoing investigation, but I can say that while China and North 
Korea are allies, I don't think it is correct to say that 
everything North Korea does it does under Chinese instructions 
or even blessing.
    Mr. Yoho. But knowing their limited ability on the 
Internet, they have to be working with somebody, I would think.
    How about you, Ambassador Kim?
    Ambassador Kim. I think that is a very important question, 
and that is a question that interagency, including our 
Intelligence Community and our experts, should be looking at 
very closely to determine whether the requirements of NDAA 
sanctions are met by virtue of the fact that the North Koreans 
used an IP located in China. But I agree with Danny that there 
is no indication that the Chinese Government or Chinese 
authorities knew about the attack or in any way condoned the 
attack on Sony.
    Mr. Yoho. All right.
    One last point, and this goes off to my colleague, Mr. 
Connolly. He was talking about what constitutes a cyber attack 
and at what point do we deem it an act of war, how many people 
need to maybe die from it or how much damage needs to happen to 
a country. These are things that need to be answered so that 
there is clear definitions of what an act of war is, because 
right now I see just a big gray area, nobody is willing to 
commit. I think it would behoove the American Government, the 
American people, and improve our national security if we drew 
some lines and said, if you cross this line, this is considered 
an act of war.
    What are your thoughts on that, General?
    General Touhill. Thank you for that question. Frankly, sir, 
that has been debated in the war colleges for many years. And 
as a graduate of the War College, I believe that we should have 
that dialogue and we should----
    Mr. Yoho. I think we don't need anymore debates. I think we 
need to define it, because the day is coming, I mean, with what 
we are seeing.
    How about you, Mr. Glaser?
    Mr. Glaser. I am sorry, what constitutes an act of war 
falls well outside my area of expertise.
    Mr. Yoho. I am out of time here, so I am going to have to 
have you submit those, if you would, to the record.
    Thank you, Mr. Chairman.
    Chairman Royce. Thank you. Thank you, Mr. Yoho.
    And let me go now to Ileana Ros-Lehtinen, chairman emeritus 
for this committee.
    Ms. Ros-Lehtinen. Thank you so much, Mr. Chairman.
    Thank you, gentlemen.
    Following up on Mr. Duncan's point earlier on the North 
Korea-Cuba nexus, in 2014, just recently, North Korea attempted 
to ship from Cuba a concealed shipment of ``various components 
of surface-to-air missile systems and launchers, MiG-21 jet 
fighters, parts and engines, shell casings, rocket-propelled 
projectiles, and other ammunition.''
    Now, our Treasury Department did penalize the North 
Koreans--we thank you, Mr. Glaser--but not their enablers: The 
Cuban regime. Why not sanction Cuba for aiding and abetting the 
North Koreans?
    Now, this illegal shipment of military hardware, I just 
read a little snippet of parts of what it entailed, were 
traveling from Cuba to North Korea in containers filled with 
sugar, quickly melting sugar. Panamanian officials stopped it 
at the canal, and the North Korean captain attempted to commit 
suicide. He didn't try to commit suicide because he feared U.N. 
Sanctions or he feared U.S. sanctions. He feared the revenge of 
Kim Jong Un.
    Now, I want to know why we don't sanction Cuba for aiding 
and abetting the North Koreans and why didn't we work with the 
U.N. So that the U.N. Could impose their sanctions. You 
correctly point out, Ambassador Kim, that sanctions are 
important. This is what the U.N. Response was. This is the 
Security Council committee four-page, strongly worded memo. 
That is what Cuba got. It said, the concealed cargo of arms and 
related materiel, illicit cargo, to include the hazardous 
cargo, was not declared on the ship's manifest and the cargo 
was hidden under 218,000 bags of raw sugar.
    But, boy, they got really tough. They said, the committee 
encourages all member states to remain vigilant regarding their 
obligations and responsibility to inspect suspect cargo to 
prevent prohibited items going to and from the DPRK and to 
ensure the relevant national implementing instruments, blah, 
blah, blah, blah, blah. In regard, the committee draws the 
attention of member states to security resolution--oh, my 
    This is all that happened, when they were shipping MiGs and 
everything else under melting sugar. And you talk about the 
sanctions and how important they are, yet the Treasury 
Department looked the other way. It was like that ship just 
came magically from Cuba, a phantom ship, violating all kinds 
of sanctions of the U.S. and the United Nations, and there was 
no penalty to pay. So we wonder why North Korea does what it is 
doing and why it is in cahoots with other rogue nations. So I 
encourage you to be a little tougher. It takes two to tango. 
North Korea was not shipping these on their own.
    And lastly, Mr. Chairman, I know I am out of time, but on 
WIPO, I have been very concerned about this, and with former 
Ranking Member Howard Berman we asked for an investigation on 
the transfer of U.S. origin technology by the U.N.'s World 
Intellectual Property Organization (WIPO) to North Korea and 
Iran. And it was clear that this administration did nothing to 
prevent WIPO from transferring sensitive dual-use technology to 
North Korea and that it has not taken the threat of technology 
transfer seriously.
    Incredibly, after WIPO Director General Francis Gurry 
knowingly withheld the organization's transactions with North 
Korea in 2012, in violation of U.N. Security Council 
resolutions, WIPO again ran a controversial mission to North 
Korea last June and has been less than forthcoming with details 
about that mission. Yet not only was Gurry not held 
accountable, he was once again reappointed, in May 2014, as 
director general of WIPO, with little resistance from the Obama 
administration. We just looked the other way.
    What are we going to do to prevent U.S. technology and U.S. 
taxpayer dollars from being transferred in the future when we 
have that kind of an attitude? We don't have much time, you 
don't need to answer. Sanctions are important, we need to 
implement them. A strongly worded memo from either the Treasury 
or the U.N. Is not going to do the trick, it is not going to 
stop anybody.
    Thank you, Mr. Chairman.
    Chairman Royce. Thank you.
    In adjourning here, let me thank our witnesses, but let me 
also say that Mr. Engel and myself look forward to working with 
State and Treasury. We are going to bring this legislation up 
again that we passed into the Senate last year, and we are 
going to try to move it fairly quickly. So we will be meeting 
with all of you.
    And I think that, frankly, a lot of these actions against 
North Korea have been very long in coming. And for those of us 
that have urged a more robust response, we want to make certain 
the tools are there to do it, do it effectively, and cut off 
the hard currency for the regime. So we will be in contact with 
you. Thank you very much for your testimony.
    [Whereupon, at 12:37 p.m., the committee was adjourned.]


                            A P P E N D I X


                   Material Submitted for the Record