As promised, President Obama has issued a formal U.S. response regarding North Korea's alleged attack on Sony Pictures Entertainment – a measure that comes in the form of imposing additional sanctions against the country.
On Friday, the U.S. Department of the Treasury announced that Obama signed an executive order which placed “financial pressure on the government of North Korea, including its agencies, instrumentalities, and controlled entities," a release from the agency said.
Three North Korean entities – the Reconnaissance General Bureau (the country's primarily intelligence organization), Korea Mining Development Trading Corporation (KOMID), and Korea Tangun Trading Corporation – were designated as being targeted by the sanctions and, therefore, prohibited from receiving U.S. funds, goods, or services. Ten individuals, including North Korean government officials Kil Jong Hun and Kim Kwang Yon, were also denied “access to the U.S. financial system” as well as entry into the country while the sanctions remain in place, the Treasury Department said.
“This step reflects the ongoing commitment of the United States to hold North Korea accountable for its destabilizing, destructive, and repressive actions, particularly its efforts to undermine U.S. cyber-security and intimidate U.S. businesses and artists exercising their right of freedom of speech,” the release said.
President Obama's executive order, signed Friday, can be read in full here (PDF).
Last month, the FBI concluded that the North Korean government was behind the major cyber attack on Sony Pictures. At the time, the FBI didn't mention specific methods as to how the information was gathered, but it said that a technical analysis of the data-wiping malware used in the Sony hack, as well as the attack infrastructure, revealed connections to previous North Korean actors and malicious cyber activity linked to the country.
Despite assertions that North Korea fostered the hackers who targeted Sony in late 2014, a faction of security practitioners continue to debate whether the acts are linked solely, or in part, to the country.
In a Monday interview, Jonathan Sander, strategy and research officer for STEALTHbits Technologies, told SCMagazine.com that, given the nature of the wiper malware that struck Sony's systems, attribution is “extremely difficult,” and something that is “going to take time” to determine.