In Responding To North Korea’s Cyber Attacks, The U.S. Has Limited Options

There's not a whole lot the United States can do to respond effectively and proportionally to North Korea's hacking attack against Sony.

North Korea

Although careful not to call it an act of war, President Obama has made clear that he does intend for their to be some sort of response by the United States to the hacking attack against Sony Pictures and the related threats of unspecified acts of terror if Sony released the move ‘The Interview,” which depicts the assassination of North Korean leader Kim Jong Un and which the F.B.I. has specifically tied to North Korea. As The Atlantic’s Adam Chandler notes, though, our options may be quite limited:

As Reuters points out, Washington may not have a lot of options. Despite decades of sanctions against the isolated communist regime, “the U.S. Treasury has so far directly sanctioned only 41 companies and entities and 22 individuals.”

Compare that to Russia or Iran, whose economies have been laid low by a strenuous sanctions regime across several industries and against countless companies and individuals. Part of it is that North Korea doesn’t have much of an economy to punish. According to CIA figures, the country ranks 198 out of 228 in gross domestic product with just 1.3 percent growth in 2012. Reuters also pointed to Pyongyang’s aversion to traditional banks, saying that the country has “become expert in hiding its often criminal money-raising activities.”

But there’s much more to it than that. Scott Snyder, a Senior Fellow for Korea Studies and Director of the Program on U.S.-Korea Policy at the Council for Foreign Relations, has his own take on l’affaire Sony.

He explained that part of why it’s difficult to sanction and further isolate North Korea is that Pyongyang “isn’t integrated with the rest of the world.” That has made the country difficult to sanction or punish in the past as well. As Snyder reminds us, this isn’t the first time we’ve had trouble with North Korea.

Historically, I think that North Korea has a record of having engaged in provocations that have international ramifications with relative impunity. So if we go back and look at the record of controversial provocations, we see the difficulty and the challenge of holding them to account. It goes back decades.

Those transgressions have included, at least recently, the holding of American hostages, the (alleged) sinking of a South Korean boat in 2010, along with thebombardment of a South Korean island. Given that the United States has now named North Korea in the Sony hacks and given what’s already happened, Snyder says we shouldn’t expect much to come of it.

“All of these are examples of cases that have resulted in behavior or responses that are pretty exceptional compared to the way that other countries have been dealt with in similar circumstances,” Snyder explains.

These factors are not unique to the fact that we are dealing with an act that has largely taken place in cyberspace, of course. Rather, they are issues that the United States and the West have had to deal with for some time now when deciding what to do about any number of the many North Korean provocations that have seem to occur every few years going back some twenty years now when the still largely reclusive regime seemingly emerged back into the headlines with news that it was seeking to develop a nuclear energy program, and later nuclear weapons and a missile system that would be capable of delivering those weapons. Because the DPRK is already so separated from the rest of the world in ways that Iran, China, and the Russia are not, or indeed even the Soviet Union and the Warsaw Pact were not during the height of the Cold War, Over the years, we have done much to cut the North Koreans off from the limited contact that they do have with the outside world when they misbehave, such as by withholding aid or attempting to cut off their access to foreign currency markets or to the foreign luxuries that Kim Jong Un, his father, his grandfather, and their cronies have long known to be fond of. However, thanks to the fact that the country has never been integrated into the wold economy to begin with, that it really doesn’t have access to the Internet, and that will continue to be able to weather whatever economic sanctions might be imposed against it as long as the regime is being propped up by China, which largely sees the DPRK as a buffer zone between itself and the prospect of a pro-U.S. regime just across the Yalu river in the event that the Pyongyang regime collapses.

As the same time, of course, military responses seem to be off the table except in the most egregious of theoretical circumstances. For one thing, the idea a limited military engagement with North Korea seems unlikely, or at least quite hard to guarantee. Yes, there have been a few occasions on which the North and South Koreans have traded artillery fire over disputed islands and such, but for the most part the West has been very restrained in using military force in these situations precisely because the North Koreans have been so unpredictable that one can never know how they will respond in such a situation. As has been noted before, while it’s fairly clear that the DPRK would lose a full-scale military engagement with the South and the United States, it would be able to inflict serious damage on the South, and most likely on parts of Japan and American military bases in the area as well, in the process. Because of that, it’s generally been the strategy of the West to tread lightly when it comes to confronting North Korea militarily. Added into this, of course, is the question of whether or not military action can be considered a proportional response to a cyber attack. As James Joyner noted this morning, a cyber attack directed against “critical infrastructure (power grids, transportation systems, and the like) or major military systems” in order to rise to the level of the type of attack that may require considering a military response. Hacking into corporate servers and revealing confidential information, even when combined with the threats related to the movie, doesn’t seem to rise to that level even if it does warrant a response of some kind. Even in those cases, though, the choice to engage in military action against the North is one that would have to be considered very carefully because of the potential consequences of such action.

The North Koreans, of course, are well aware of their relative isolation from the world and the fact that there seems to be very little that the world can do to respond when they do something irresponsible and outrageous as has occurred here. No doubt, that’s one reason they feel free to engage in such activity. Responding to those actions by, say, putting North Korea back on the list of state sponsors of terrorism, which is apparently one of the options that the United States is considering in response to the hacking attack, likely matters very little to them. As long as that happens, and until the Chinese decide they’ve had enough, controlling North Korea is going to continue to prove to be a difficult nation to control to say the least.

FILED UNDER: Military Affairs, National Security, ,
Doug Mataconis
About Doug Mataconis
Doug holds a B.A. in Political Science from Rutgers University and J.D. from George Mason University School of Law. He joined the staff of OTB in May 2010. Before joining OTB, he wrote at Below The BeltwayThe Liberty Papers, and United Liberty Follow Doug on Twitter | Facebook

Comments

  1. Dave Schuler says:

    Alternatives (other than military action or cyber counter-attack) include putting North Korea back on the list of sponsors of terrorism and cracking down on banks that launder money for North Korea.

    However, our best course of action is through negotiations with China.




    0



    0
  2. Davebo says:

    I’m not at all convinced that N. Korea is behind the hack though they will happily take credit for it with their non-denial denial.




    0



    0
  3. bill says:

    it has to be done “under the table”, that’s why we have the cia and such. and the payback shouldn’t make it to any press conference, ever.




    0



    0
  4. Slugger says:

    How about ignoring it? One does not have to respond every time some booger eater gives you the finger.




    0



    0
  5. RGardner says:

    Calling Remo Williams . NORK seems to exists in a different reality. I managed about 10 minutes of this before I called uncle.




    0



    0
  6. Tyrell says:

    Think about the last week or so:: terrorist attacks and kills people in Australia, terrorists murder children in Pakistan, North Korea hackers attack and intimidate major corporation, 3 police officers killed in one day, ISIS grows stronger, North Korea announces that it will speed nuclear development, North Korea makes more threats. The only bit of good news was that there is some light at the end of the tunnel concerning the “Cold War” with Cuba.
    Even the local news is the latest wrecks, arrest/ mug shot list, and bad economic news.
    Too much. I am taking a hiatus, a time out, a tune out, and drop out. I will spend the next several days reading (Palioni, Riordan, Clare, Patterson), watching Christmas movies, hanging out at coffee/ donut joints, and 6:am Christmas shopping. Enough bad news for awhile, I am pulling the plug on the news stations.




    0



    0
  7. CET says:

    @Slugger:

    I’m with you on this. I really don’t understand why this merits a response from the government. This may have been embarrassing for Sony (which, IIRC, is Japanese to the extent that corporations have nationalities), but I think that a big multinational like that can take care of itself. AFAIK no information of any military or diplomatic significance was taken, and no damage was done to any US interests.

    This a complete non-issue, especially compared with events like the sinking of the Cheonan, or shelling Yeonpyeong, or lobbing Rodong missiles towards Japan.




    0



    0