Cybersecurity

Congress sends North Korea cyber sanctions bill to Obama

A bill to sanction North Korea for its burgeoning cyber warfare efforts is headed to President Obama’s desk.

The House on Friday approved the North Korea Sanctions Policy and Enhancement Act, which would mandate penalties on those caught aiding the country’s nefarious cyber campaigns. The measure would also sanction individuals involved in Pyongyang’s nuclear program or in the censorship of the regime’s well-documented human rights abuses.

{mosads}The legislation comes amid a new round of belligerent behavior from Pyongyang that has returned the spotlight to the once tech-averse state. In recent weeks, the reclusive East Asian nation has fired a long-range rocket, restarted a nuclear reactor and claimed to have tested a hydrogen bomb.

South Korea in late January also accused Pyongyang of running a cyber campaign to plant malware on government networks.

The House initially passed the sanctions bill in January, but the Senate tacked on several additional provisions before passing its companion version this week, necessitating either a second vote in the House or a conference committee between the chambers.

But the relatively noncontroversial bill, which passed the Senate 96-0, was able to breeze through the House a second time by a 408-2 vote.

Sen. Bob Menendez (D-N.J.), a co-sponsor of the Senate’s expanded version of the bill, called the legislation the “most comprehensive strategy to deal with the challenge that North Korea presents,” including “its aggressive cyber warfare.”

For Republicans, the measure also serves as a rebuke of the Obama administration’s policy toward North Korea’s cyber program.

The White House last year hit Pyongyang with sanctions for its alleged cyberattack on Sony Pictures Entertainment.

President Obama then signed an executive order giving the Treasury Department the permanent authority to crack down on individuals or entities behind hacks and digital espionage.

But Sen. Cory Gardner (R-Colo.), who also backed the upper chamber’s bill, insisted those steps aren’t nearly enough.

“We’ve really seen nothing but executive inaction,” Gardner told The Hill last week, referencing the fact that the Obama administration has not yet wielded its new cyber sanctions authority. “Sure, he issued a couple executive orders, but have we actually seen anything be carried out underneath it?”

Gardner also said the measure could serve as a model for raising the stakes on other digital adversaries, such as Russia, China and Iran.

“This will be a model for what we do as other bad actors try to attack the United States through cyber means,” he told The Hill.