[House Hearing, 118 Congress]
[From the U.S. Government Publishing Office]


                  ILLICIT IT: BANKROLLING KIM JONG UN

=======================================================================

                                HEARING

                               BEFORE THE

                       SUBCOMMITTEE INDO-PACIFIC

                                 OF THE

                      COMMITTEE ON FOREIGN AFFAIRS
                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED EIGHTEENTH CONGRESS

                             FIRST SESSION

                               __________

                             July 27, 2023

                               __________

                           Serial No. 118-44

                               __________

        Printed for the use of the Committee on Foreign Affairs
        
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]        


       Available:  http://www.foreignaffairs.house.gov/, http://
                            docs.house.gov, 
                       or http://www.govinfo.gov
                       
                               __________
        
                                
                    U.S. GOVERNMENT PUBLISHING OFFICE                    
53-353 PDF                  WASHINGTON : 2024                    
          
-----------------------------------------------------------------------------------     
 
                      COMMITTEE ON FOREIGN AFFAIRS

CHRISTOPHER H. SMITH, New Jersey     	GREGORY MEEKS, New Yok, Ranking 
JOE WILSON, South Carolina               	Member
SCOTT PERRY, Pennsylvania	 	BRAD SHERMAN, California
DARRELL ISSA, California		GERALD E. CONNOLLY, Virginia
ANN WAGNER, Missouri			WILLIAM KEATING, Massachusetts
BRIAN MAST, Florida			DAVID CICILLINE, Rhode Island
KEN BUCK, Colorado			AMI BERA, California
TIM BURCHETT, Tennessee			JOAQUIN CASTRO, Texas
MARK E. GREEN, Tennessee		DINA TITUS, Nevada
ANDY BARR, Kentucky			TED LIEU, California
RONNY JACKSON, Texas			SUSAN WILD, Pennsylvania
YOUNG KIM, California			DEAN PHILLIPS, Minnesota
MARIA ELVIRA SALAZAR, Florida		COLIN ALLRED, Texas
BILL HUIZENGA, Michigan			ANDY KIM, New Jersey
AUMUA AMATA COLEMAN-RADEWAGEN,   	SARA JACOBS, California
  American Samoa			KATHY MANNING, North Carolina
FRENCH HILL, Arkansas			SHEILA CHERFILUS-MCCORMICK, 
WARREN DAVIDSON, Ohio			 	Florida	
JIM BAIRD, Indiana			GREG STANTON, Arizona
MICHAEL WALTZ, Florida			MADELEINE DEAN, Pennsylvania
THOMAS KEAN, JR., New Jersey		JARED MOSKOWITZ, Florida
MICHAEL LAWLER, New York		JONATHAN JACOBS, Illinois
CORY MILLS, Florida			SYDNEY KAMLAGER-DOVE, California
RICH MCCORMICK, Georgia			JIM COSTA, California
NATHANIEL MORAN, Texas			JASON CROW, Colorado
JOHN JAMES, Michigan			BRAD SCHNEIDER. Illinois
KEITH SELF, Texas      
                                    
                    Brenden Shields, Staff Director
                    Sophia Lafargue, Staff Director
                                 ------                                

                      Subcommittee on Indo-Pacific

                       YOUNG KIM, California, Chair 
                       
ANN WAGNER, Missouri	    	AMI BERA, California, Ranking Member                     
KEN BUCK, Colorado          	ANDY KIM, New Jersey         
MARK GREEN, Tennessee  	    	BRAD SHERMAN, California
ANDY BARR, Kentucky	    	GERALD CONNOLLY, Virginia 
AMATA RADAWAGEN, American Samoa	WILLIAM KEATING, Massachusetts
WARREN DAVIDSON, Ohio		JOAQUIN CASTRO, Texas
MICHAEL WALTZ, Florida	 								
                  
                       Mary Vigil, Staff Director
                            
                            C O N T E N T S

                              ----------                              
                                                                   Page

                               WITNESSES

Klinger, Bruce, Senior Research Fellow for Northeast Asia, The 
  Heritage Foundation's Asian Studies Center.....................     7
Lee, Jean, Journalist, Former Pyongyang Bureau Chief, Associated 
  Press..........................................................    20
Scholte, Suzanne, President, Defense Forum Foundation............    29
Jun, Jenny, Research Fellow, Center for Security and Emerging 
  Technology.....................................................    39

                       INFORMATION FOR THE RECORD

Information submitted for the record.............................    47

                                APPENDIX

Hearing Notice...................................................    87
Hearing Minutes..................................................    89
Hearing Attendance...............................................    90

             ADDITIONAL MATERIALS SUBMITTED FOR THE RECORD

CRDF Global: The DPRK'S Evasion of U.S. and UN Sanctions.........    91
North Korea's Human Rights Situation: Focusing on Overseas 
  Workers and Defectors..........................................    92
The Root of All Evil.............................................   112

 
                  ILLICIT IT: BANKROLLING KIM JONG UN

                        Thursday, July 27, 2023

                          House of Representatives,
                  Subcommittee on the Indo-Pacific,
                      Committee on Foreign Affairs,
                                                    Washington, DC.

    The subcommittee met, pursuant to notice, at 2:22 p.m., in 
room 2200, Rayburn House Office Building, Hon. Young Kim (chair 
of the subcommittee) presiding.
    Mrs. Kim of California. The Subcommittee on the Indo-
Pacific of the Foreign Affairs Committee will come to order.
    The purpose of this hearing is to examine how North Korea 
is using illicit cybertactics to undermine international 
sanctions and fund its nuclear weapons program. I now recognize 
myself for an opening statement.
    First of all, thank you so much for your patience. We had 
delays after delays in today's committee hearings we were 
involved in, and, as well as the vote series.
    So, we are here, thank you, Ranking Member, for being here. 
Today marks the 70th anniversary of the signing of the Korean 
War armistice, which ended hostilities on the Korean peninsula.
    In solemn recognition of this anniversary, I am holding 
this hearing entitled Illicit IT: Bankrolling Kim Jong Un to 
highlight the atrocities of the Kim regime and to shed a light 
on how the regime is able to circumvent international sanctions 
to fund its human rights abuses and its nuclear program.
    As a Korean-American with family members who fled North 
Korea during the Korean War, this is an issue that is deeply 
personal to me. Having grown up in South Korea in the aftermath 
of the Korean War, it is an honor for me to hold this hearing 
as Chairwoman of the Indo-Pacific Subcommittee.
    I salute this to South Koreans who bravely fought for their 
freedom and to American troops who answered the call to defend 
a country they never knew and a people they never met.
    Since the collapse of the 2018 peace talks in Hanoi, North 
Korea has significantly ramped up its nuclear aggression. It is 
launching intercontinental ballistic missiles more frequently. 
And, with each launch is improving its arsenal.
    Given that North Korea is one of the most heavily 
sanctioned countries in the world, this begs a careful 
examination from Congress as to how North Korea is able to 
generate enough revenue to continue expanding its arsenal.
    North Korea engages in a long list of illicit activities, 
including human trafficking, slave labor, drug trafficking, 
arms proliferation, and cybercrime to generate revenue and 
sabotage the free world. Today's hearing focuses on the latter.
    The North Korean Cyber Army works side by side with the 
Korean People's Army, supporting its espionage and sabotage 
missions. In March 2023, North Korean hackers launched a large 
scale cyberattack against the software firm 3CX, which affected 
thousands of businesses, including in the healthcare industry 
that stores sensitive information about their customers and 
patients.
    North Korea also uses cyberattacks to generate revenue for 
its nuclear program. We reasonably believe that North Korea was 
behind the 2017 WannaCry ransomware attack which affected 
300,000 users in at least 150 countries.
    In 2016, North Korean hackers attempted a billion-dollar 
digital heist on Bangladesh, Bangladesh's National Bank and 
managed to skirt off with $81 million. North Korea is also 
notorious for hacking cryptocurrency portfolios and laundering 
money through cryptocurrency platforms.
    It is important to note that these hackers are not sitting 
together somewhere in a dimly lit room somewhere in Pyongyang, 
because they're all over the world and mostly operating outside 
of North Korea, namely China.
    Despite these previous cyberattacks even affecting Chinese 
individuals and organizations, the People's Republic of China 
refuses to do anything about it.
    This is because the PRC actively helps to facilitate North 
Korea's cybercrime by providing it with the digital 
infrastructure it needs to carry out these attacks. And, it 
does so because it does not want to see the Kim regime fail.
    If you want to see the Kim regime fail in its illegal 
ventures, then we must ensure that we enhance our sanctions and 
law enforcement activities targeting North Korea's cybercrime.
    We must also remember that while hostilities on the Korean 
peninsula ended 70 years ago, North Korea is a still hostile 
actor. Kim Jung Un murders and terrorizes his own people to 
ensure that he can remain in power. And, he has no real 
interest in peace with the free world.
    We must be vigilant in ensuring there are no loopholes in 
our sanctions policies that he can exploit to denying his own 
people's basic human rights. And, we must work with our allies 
and partners in the Indo-Pacific to ensure that we send Kim 
Jung Un a strong and united message that his behavior will not 
be tolerated.
    I also call on the Administration to ensure that human 
rights in North Korea remains at the forefront of our Indo-
Pacific policy. I introduced North Korea Human Rights 
Reauthorization Act, which authorizes activities to get outside 
information into North Korea and calls for the confirmation of 
a Special Envoy on North Korea and calls for the reunification 
of divided families.
    I believe this legislation will ensure that we do not let 
human rights in North Korea become a peripheral issue. And, I 
will push to get this legislation signed into law during this 
Congress.
    With that, the Chair now recognizes the Ranking Member, the 
gentleman from California, Mr. Bera for his opening statement.
    Mr. Bera. Thank you, Madam Chairwoman for holding this 
critical hearing. And, thank you to the witnesses for sharing 
your expertise with the Subcommittee.
    As the Chairwoman pointed out, today marks the 70th 
anniversary of the Korean Armistice Agreement. And, this gives 
us an opportunity to pay honor and the tremendous debt that we 
owe to those who sacrificed in the conflict, including the 
thousands of American, Korean, and U.N. troops who lost their 
lives.
    In addition though, it also allows us to pay homage to the 
partnership and friendship and alliance that was borne out of 
that shared sacrifice and the strength of the US-ROK alliance, 
friendship, relationship that continues to grow every day.
    As the Chairwoman pointed out, North Korean cyber activity 
represents a critical threat to the U.S., its allies, and 
international institutions. Given the country's resource 
constraints, the DPRK conducts asymmetric warfare through its 
cyber program.
    In recent years, North Korean cyber actors have targeted 
governments, banks, hospital systems, and private businesses, 
robbing those institutions of billions of dollars. Sources 
estimate that the financial gain to North Korea from their 
cyber-criminal activities has increased from about $1 billion 
in 2017 to $2 billion in 2020.
    These attacks have continued since the DPRK sealed its 
borders during the COVID-19 pandemic, with the U.S. Treasury 
estimating that North Korea stole at least $1.7 billion just in 
cryptocurrencies in 2022. This activity is used to evade 
sanctions and directly support Kim Jung Un's regime, including 
North Korean ballistic missile and nuclear activities.
    As a doctor, we've also seen troubling evidence of North 
Korean ransomware against our hospital and health systems. This 
undermines and threatens our ability to care for our patients 
and impacts every Member of Congress in every district, because 
we all have those hospitals.
    Finally, like many authoritarian governments, North Korea 
uses the cyber domain to extinguish threats to the regime. The 
2014 Sony Picture hack was a watershed moment when North Korea 
uses cyber tools to prevent the studio from showing a movie 
that was critical of Kim Jung Un's rule.
    While we may have been amused that the Kim regime was 
threatened by a Seth Rogen film, we should also understand the 
DPRK is willing to use these instruments to intimidate 
opposition outside its borders.
    We need to be aware of how the cyber domain can be used to 
shore up authoritarian regimes. In light of this, the Biden 
Administration is making a strong effort to counter North 
Korea's malign cyber activities.
    The Cybersecurity and Infrastructure Agency, CISA at the 
Department of Homeland Security has made North Korean cyber 
activity a priority, informing the public and private sector of 
DPRK malicious actions.
    President Biden has also strengthened our alliance with 
South Korea as well as our trilateral partnership with South 
Korea and Japan, making it easier to align our policies in 
response to the DPRK's provocative behavior.
    In 2022, Presidents Biden and Yoon established the first 
U.S.-ROK working group meeting on the DPRK cyber threat. During 
South Korean President Yoon's State visit in April, Presidents 
Biden and Yoon committed to establish a U.S.-ROK strategic 
cybersecurity cooperation framework to expand cooperation on 
deterring and combating cyber activities.
    With that, I applaud the foundation President Biden has 
laid. And, it is now time for more to be done. And, I think we 
can work in a bipartisan way as Members of Congress to continue 
to support these activities.
    And with that, I look forward to hearing from our witnesses 
and I'll yield back.
    Mr. Connolly. Madam Chair?
    Mrs. Kim of California. Yes?
    Mr. Connolly. I want to thank you for having the hearing. 
But, just a point of personal privilege if I may, I want to 
welcome my former constituent, I think you're now former, and 
my former opponent, Suzanne Scholte, who has been steadfast in 
her advocacy for human rights on the Korean peninsula and 
calling out the Korean regime. But also, trying to promote 
reconciliation.
    And, I really appreciate her presence here. And, I am doing 
this now, because I am nervous, we are going to have votes and 
we'll scatter to the four winds, because the Congress is out 
for 6 weeks once we have this vote.
    So, welcome Suzanne. And thank you, Madam Chair.
    Mrs. Kim of California. Thank you for mentioning that. We 
do have votes that are about to be called for. So, we're going 
to try to rush through this as fast as possible.
    But, we want to hear from our witnesses and have an 
opportunity for our members to ask questions as well. Other 
members of the Committee are reminded that opening statements 
may be submitted for the record. And, we are pleased to have a 
distinguished panel of witnesses before us today on this very 
important topic.
    First, Bruce Klinger is a Senior Research Fellow at the 
Asian Study Center at the Heritage Foundation. Thank you for 
joining us. Ms. Jean Lee is a journalist and former Pyongyang 
Bureau Chief with the Associated Press. Thank you for joining 
us.
    And, Ms. Suzanne Scholte, as said was a dear friend who 
were partners in crime, I guess, on this very important issue, 
currently serves as President of the Defense Forum Foundation. 
Thank you for being with us.
    Last, Ms. Jenny Jun, is a Research Fellow at the Center for 
Security and Emerging Technology. With that, I want to thank 
you all for being here. Your full statements will be made part 
of the record. And, I will ask each of you to keep your spoken 
remarks to 5 minutes or under in order to allow time for member 
questions.
    So, let me now recognize Mr. Klinger for your opening 
statement.

    STATEMENT OF BRUCE KLINGER, SENIOR RESEARCH FELLOW FOR 
 NORTHEAST ASIA, THE HERITAGE FOUNDATION'S ASIAN STUDIES CENTER

    Mr. Klinger. Chairwoman Kim, Ranking Member Bera, and 
distinguished members of the Committee, I thank you for the 
opportunity to appear before you. I will summarize my written 
testimony.
    North Korea's cyberattack capabilities pose a multifaceted 
threat to national security since the regime has successfully 
penetrated and inflicted damage on military, government, media, 
and infrastructure computer networks.
    North Korea's sophisticated cybercrimes enable the regime 
to finance its prohibited nuclear and missile programs and 
evade international sanctions in ways that are more efficient, 
less risky, and far more lucrative then its past illicit 
activities.
    How successful have these cybercrimes been? By 2019, North 
Korean had cumulatively gained $2 billion from cybercrime.
    Last year, in the world's largest cryptocurrency heist 
ever, North Korean hackers stole $620 million from a crypto-
token based online video game. And, as Representative Bera 
pointed out that North Korean hackers, just last year, stole 
$1.7 billion worth or cryptocurrency.
    By comparison, North Korea's legitimate international trade 
last year was only $1.5 billion. And, the U.S. has estimated 
that in the last 2 years alone, North Korea has largely funded 
its weapon of mass destruction programs through cyberheists of 
cryptocurrencies and hard currencies.
    Another cash cow for North Korean cybercrimes has been its 
IT workers operating overseas. The U.N. Security Council 
Resolution 2397 required all countries to repatriate all of 
their North Korean workers within their borders by December 
2019.
    Despite that edict, thousands of highly skilled North 
Korean information technology workers currently operate in 
China, Russia, and other countries. They use false identities 
and fraudulently gain employment as freelance computer 
engineers with tech and virtual currency companies around the 
world.
    Some North Korean IT workers can earn more than $300,000 
per year, with 90 percent of their wages going back to the 
regime. Overall, the program generates hundreds of millions of 
dollars annually for the regime to fund its nuclear and missile 
programs.
    In recent years, Washington and Seoul have both stepped up 
the law enforcement efforts to combat North Korea's cyberattack 
strategies. And, the inauguration of South Korean President 
Yoon Suk Yeol has been particularly noteworthy for South Korea 
upholding the rule of law.
    Under the Yoon Administration, South Korea issued its first 
ever independent sanctions targeting North Korean cyber 
activities. And, was the first country to sanction North Korean 
hacking group Kimsuky.
    Despite these recent efforts, more needs to be done. The 
U.S. should augment its engagement with international partners. 
One example would be utilizing the Quad senior cyber group to 
engage with other Indo-Pacific nations, especially South Korea, 
to coordinate enhanced cyber defenses.
    Also, target the North Korean overseas IT workers. The U.S. 
should pressure countries to eject or extradite North Korean 
workers to reduce the substantial source of illicit funding for 
the regime's nuclear missile programs.
    And, the U.S. should encourage or urge companies to conduct 
more rigorous identification checks and stringent 
authentication measures to prevent inadvertent hiring of North 
Korean IT workers as independent contractors.
    Also, need to enhance enforcement against illicit cyber and 
money laundering operations. Successive U.S. Administrations 
have refrained from significant actions against Chinese 
entities, providing technology, equipment, training, and safe 
haven to North Korean hackers.
    Washington should pressure China and other nations to 
dismantle North Korean hacking networks on their soil. And, 
Washington has yet to impose fines on Chinese banks for 
laundering North Korean illicit funds.
    And, the U.S. should target banks, financial institutions, 
and front companies that are used to launder money stolen by 
North Korea. We also need to augment regulation of 
cryptocurrency exchanges.
    The U.S. should review existing legislation and regulations 
to ensure cryptocurrency exchanges have sufficient security 
against cyberattacks and to prevent money laundering.
    We should support third-party civil suits against enablers 
of cyberattacks. Congress should enact legislation that 
facilitates civil suits against foreign States that have 
repeatedly sponsored or facilitated cyberattacks against U.S. 
critical infrastructure or any entity that willfully or 
negligently facilitates a cyberattack against a U.S. person or 
U.S. critical infrastructure.
    We should also enhance cyber administrative enforcement 
authority. Congress could grant an appropriate Federal agency, 
such as the Cybersecurity and Infrastructure Security Agency, 
administrative forfeiture authority to seize and forfeit 
hackers' infrastructure and other proceeds or facilitated 
property, which would reduce demand on limited judicial and 
prosecutorial resources.
    In conclusion, the U.S. in conjunction with foreign 
governments and the private sector, needs to augment cyber 
defenses and respond more forcefully to attacks. Failure to do 
so enables North Korea to continue undermining the 
effectiveness of international sanctions and leaves the U.S. 
and its partners exposed to a potentially devastating 
cyberattack. Thank you.
    [The prepared statement of Mr. Klinger follows:]

    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]	

    
    Mrs. Kim of California. Thank you so much.
    Ms. Lee.

  STATEMENT OF JEAN LEE, JOURNALIST, FORMER PYONGYANG BUREAU 
                    CHIEF, ASSOCIATED PRESS

    Ms. Lee. Chairwoman Kim, Ranking Member Bera, distinguished 
members of this Subcommittee, thank you so much for inviting me 
to testify today.
    I'm honored to be here on this day of all days, the 70th 
anniversary of the armistice that brought the Korean War to a 
halt. It also happens to be my father's birthday. He got the 
best birthday gift that a child of war could wish for when he 
woke up that day, a cease-fire. So, happy birthday, dad.
    But, that truce was never replaced by a peace treaty. So, 
the conflict remains unresolved. We call it the forgotten war. 
But, the Kim family in North Korea holds tight to the narrative 
of war and uses it to justify the building of nuclear weapons.
    Now, there's a new battleground, cyberspace. Kim Jung Un's 
warriors are using science and technology to fight and steal on 
his behalf through cyber theft, cyber espionage, and 
cyberwarfare.
    So, today I'd like to share observations based on years of 
watching North Korea not only from a distance as an analyst, 
but also as a journalist who spent many years reporting from 
Pyongyang.
    My first trip to North Korea was in 2008. My last was in 
2017. I was the first American journalist to join the Pyongyang 
press corps. And, in 2012 I opened an AP Bureau in Pyongyang, 
just as Kim Jung Un was coming to power.
    I had a front row seat to the making of the mythology 
around this young, new leader. The goal was to paint him as the 
reincarnation of his revered grandfather, but, a modern 
incarnation who would use computers to take his analog country 
into the future.
    Science and technology became a tool for building loyalty 
among his future power base. My North Korean staff loved 
gadgets, cell phones, laptops, blue tooth headsets, they were 
all status symbols in a country that doles out electronics as 
political prizes.
    Propaganda posters promote computers and mathematics and 
they link them to missiles. The main science center is shaped 
like an atom.
    I suspected that hacking was being promoted internally as a 
form of patriotism. And, those suspicions were confirmed with a 
series of bold cyberattacks blamed on North Korea, Sony 
Pictures in 2014, the Bangladesh bank heist in 2016, and 
WannaCry in 2017.
    There is a tendency to underestimate North Korean hackers. 
And, I wanted to find a way to scare the public into paying 
attention.
    So, in 2020, I joined the BBC to carry out investigative 
reporting on the Lazarus Group for a podcast series that we 
called the Lazarus Heist. And we explore who the hackers are, 
how they're trained, how they operate, where the money is 
going.
    We explore how cyber figures into Kim Jung Un's strategic 
thinking and planning. And, we put the attacks into political 
and historical context.
    After all, Kim Jung Un is a millennial. He spent time in 
Switzerland. He could see how computers were changing the 
world. He may have kept his--he may keep his people in the dark 
and disconnected, but he's an early adopter.
    He also grew up with sanctions and saw the opportunity in 
cyberspace for getting around these sanctions. He recognized 
cyber theft as a low cost, high yield form of robbery. And, 
that cyberspace offers a convenient cloak of anonymity.
    So, he sent his top math geniuses to China, to Southeast 
Asia, Russia, and the Middle East, to learn how we live, bank, 
and socialize online. Many went as legitimate IT workers. And 
the FBI says while they're programming by day, they are hacking 
by night.
    It's hard to get what is the extent of the theft, but the 
count is in the billions. In May, the Deputy National Security 
Advisor for Cyber said half the funding for North Korea's 
nuclear weapons maybe coming from cyber theft.
    To their credit, the FBI and the Department of Justice have 
been relentless in their pursuit. Treasury has been aggressive 
with targeted sanctions. The State Department has been holding 
cyber working group meetings with their South Korean 
counterparts.
    But, the challenge is multiplying. Illicit financing may 
have been a game of cat and mouse under Kim Jung Il. It is now 
more like whack-a-mole.
    Where the hackers fall short on sophistication, they make 
up for it in persistence, patience, and motivation. They're 
clever, resourceful, they target vulnerabilities in technology 
that is evolving quickly.
    So, the counter-strategy has to be more ambitious than 
simply whacking faster. This threat needs to be elevated among 
the public as well as policymakers.
    This is about national and global security. Keep in mind 
that Russia's Defense Minister is in Pyongyang right now 
touring a display of nuclear weapons.
    Cyber theft buys Kim time to shut the world out. And, that 
complicates prospects for diplomacy. That endangers us and 
imperils ordinary North Koreans who pay the price with their 
well-being when their leader prioritizes weapons.
    This hearing is a promising development. And, I hope it 
spears more strategic thinking on North Korea. I look forward 
to your questions.
    [The prepared statement of Ms. Lee follows:]

    [[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]	

    
    Mrs. Kim of California. Thank you, Ms. Lee. And, happy 
birthday to your father too.
    I now recognize Ms. Scholte for your opening statement.

    STATEMENT OF SUZANNE SCHOLTE, PRESIDENT, DEFENSE FORUM 
                           FOUNDATION

    Ms. Scholte. Thank you. And, thank you, Congressman 
Connolly for your kind words. And, thank you, Congresswoman Kim 
and Congressman Bera for hosting this hearing.
    It does come at an urgent time. And, is the 70th 
anniversary of the Armistice. But, there is different histories 
being told on the Korean peninsula on the Armistice Day.
    Tragically, the people north of the DMZ will be told lies 
to foment hate against our country and the Republic of Korea.
    Now, I've been asked to assess how North Korea manipulates 
economic aid and regime financing to conduct its human rights 
atrocities. We have two developing human rights atrocities that 
demand our urgent attention.
    First, is the 2000 children, women, and men currently in 
detention in China facing repatriation. And, of course, the 
ongoing tragedy facing the entire population of North Korea.
    North Korea is not just a communist dictatorship with its 
Juche religion as guiding principles. It's also a kleptocracy 
that is used its power and personal gain at the expense of the 
North Korean people.
    Kim Jong Un will never make a decision that would improve 
the lives of the North Korean people. His only concern is his 
own well-being and power. We must take the actions necessary to 
help the people of North Korea to stop these ongoing 
atrocities.
    During the North Korean famine for example, at the start of 
the 1990's, there was enough humanitarian aid that was sent 
from the international community that no North Korean should 
have starved. Instead, three million people died because Kim 
Jong Il used that aid as a weapon against the North Korean 
people.
    With my testimony I'm submitting a report recently produced 
by the Center for North Korean Human Rights of the INSS, which 
documents in addition to the illicit IT, disturbing and 
shocking findings about the ongoing overseas slave labor, the 
smuggling of coal, gold, and weapons, the proliferation of 
nuclear technology to Iran and Cuba, and insurance fraud.
    These illicit funds are used to support Kim's lavish 
lifestyle and develop his nuclear and missile development 
program. I want to quote a high-ranking defector, Lee. Mr. Lee 
who oversaw business deals for the Kim regime out of China, and 
he describes where the illicit money goes.
    It's typically the funds generated by IT workers goes 
directly into Kim Jung Un's personal account. Ninety percent of 
the current IT workers for example, are affiliated with Office 
313, the Guidance Unit, and 75 Guidance Unit under the Military 
Industry Department, which is the department that develops the 
nuclear weapons program and also the Reconnaissance General 
Bureau.
    So, the revenues these IT workers make goes to Office 39, 
which is handled by Kim Jong Un. It's personally controlled by 
him. And, he uses it to his own personal wealth, to maintain 
the system, and to develop his nuclear missiles program.
    And, I want to cite a statistic that was produced by the 
Korean Institute of Defense Analysis earlier this year, in face 
of the fears we have another Arduous March maybe starting in 
North Korea, that what they have spent on the nuclear program 
could feed the population of North Korea for 4 years.
    The root of all evil, money, crime, and law in North Korea, 
I'm going to submit this report written by Josh Stanton for 
this hearing, which documents--published by the Committee for 
Human Rights in North Korea.
    Josh Stanton, I quote from his report, North Korea is a 
nation rich in natural resources, yet among Pyongyang's long 
list of crimes against humanity, none has killed or harmed more 
of its people then its misappropriation of wealth from the 
enslaved people who extract it from its soil, seas, and mines. 
It uses this stolen wealth and the proceeds of its financial 
crimes to enrich the oligarchy, perpetuate enslavement and 
repression, proliferate weapons of mass destruction, and 
threaten peace in the region.
    Stanton has proposed trying--using the existing 
resolutions, the existing statutes that we have to find, freeze 
and forfeit and stop these funds.
    I'm also submitting a statement from Rosa Park-Takola, 
she's a Senior Project Lead for the DPRK Counterproliferation 
at CRDF Global. And, she manages the sanctions evasion 
portfolio.
    And, she cites another thing we need to be concerned about, 
maritime. The fact that they're labeling ships. And, they're 
getting in goods that have been sanctioned that way.
    So, what must be done? Very quickly, and I can go into a 
lot more detail later during Q&A, we've got to save the 
refugees.
    Our State Department should announce now that we will 
sanction any Chinese official involved with the repatriation of 
these children, women, and men.
    We should aggressively use the tools that we have, you 
talked about the sanctions. It's true, North Korea is heavily 
sanctioned.
    But, we're not enforcing the sanctions. Our sanctions 
against the North are extremely weak. And, I cite this report 
by Josh Stanton, third, the most important thing, we've got to 
make human rights our No. 1 priority.
    And, I'm submitting a report. This is just published citing 
ongoing atrocities. These are recent eyewitnesses and 
testimoneys.
    And, we need to tell the people the truth. We need to get 
information into North Korea by land, sea, and air.
    [The prepared statement of Ms. Scholte follows:]

    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]	

    
    Mrs. Kim of California. Thank you, Ms. Scholte. Those three 
reports that you mentioned will be submitted into the record 
without objection.
    Let me now recognize Ms. Jenny Jun for your opening 
statement.

 STATEMENT OF JENNY JUN, RESEARCH FELLOW, CENTER FOR SECURITY 
                    AND EMERGING TECHNOLOGY

    Ms. Jun. Thank you. Chairwoman Kim, Ranking Member Bera, 
and members of the Subcommittee, thank you for the opportunity 
to testify before you today on this very important and timely 
topic.
    My comments today are my own. Today I will highlight three 
points. First, if North Korea considers nuclear bombs to be the 
ultimate weapon, it considers cyber capabilities to be a Swiss 
Army knife.
    North Korea frequently uses its cyber capabilities as a 
means to further a variety of national goals. Hackers rob 
things and steal cryptocurrency, some of which trickles into 
funding for their nuclear missile program.
    They conduct industrial espionage related to COVID-19 
research. They punish movie makers when the regime perceives 
that they hurt Kim Jong Un's public image.
    How often North Korea uses cyber capabilities in all these 
cyber settings pose a different policy problem then responding 
to its nuclear threat. It is important not to underestimate 
their capabilities to echo Jean.
    North Korea's hackers have proven again and again they're 
persistent, bold, and creative. They keep tabs on the latest 
cybertech trends, and quickly adopt relevant tactics and 
techniques as part of their own tool kit.
    Their country's general political and economic isolation 
should not fool us into thinking that their hackers are also 
unaware of the latest hacking techniques.
    Perhaps what makes me most worried about North Korea's 
cyber threat is that they're occasionally not afraid to launch 
operations that are brazen and destructive.
    Figuratively, they will rob the bank and set fire to it to 
get rid of evidence instead of carefully going in and out 
without anyone noticing.
    North Korean hackers have a higher tolerance for 
operational risks. And, they're sometimes willing to tradeoff 
staying under the radar for fast grabs.
    This happens because they care less about their operations 
being attributed back to them, because they have no 
international reputation to preserve. This makes the North 
Korean cyber threat different from other sophisticated threat 
actors.
    Second, the proceeds from North Korea's vast cybercrime 
enterprise are a lifeline for the Kim regime. North Korea has 
come up with a long list of daring and innovative ways to use 
cyber means to earn cash.
    And, if they find a new method, they will exploit it 
quickly and widely to maximize gains from it before the window 
of opportunity disappears. They're not likely to stop any time 
soon.
    Cybercrime is a much more efficient and lower risk way of 
generating foreign cash then their previous illicit financing 
mechanisms. For an easy comparison, North Korea's total exports 
in 2022 were only $160 million with a heavy dependence on 
mineral exports to China.
    Their next export category was hair wigs. This pales in 
comparison to how much they can steal in a single cyberattack.
    For almost two decades, sanctions have been a main policy 
lever, vis-a-vis North Korea. Whether it was to change their 
behavior or to slow down their weapons program. However, North 
Korea has been able to stay resilient to this, in part through 
a cybercrime enterprise.
    Third, combating North Korea's cybercrime is a cat and 
mouse game. And, it is a problem that has been managed not 
deterred.
    The U.S. and its allies will not be able to persuade North 
Korea to cease activity in this space altogether. Instead, we 
should set two goals. The first goal should be to mitigate the 
frequency and scale of North Korea's cybercrime.
    Thankfully, the U.S. Government is already aware of this 
problem, and it has to take important steps through 
indictments, sanctions, and direct seizures. There is a broader 
effort toward regulating virtual assets and exchanges in 
general, which will certainly help to put pressure on North 
Korea.
    Over the past year, the U.S. and South Korea have also been 
in close coordination on this issue. At the same time, North 
Korea continues to innovate on their money laundering scheme to 
get around such crack downs. So far, North Korea is winning 
this cat and mouse game.
    The second goal should be to shape the way that North Korea 
conducts its cyber operations in such a way that reduces 
systemic risks of accidents and widespread collateral damage so 
as to prevent incidents such as WannaCry from happening again.
    The combination of these two goals are seemingly at odds 
with each other. And, maintaining a balance between them will 
be our key challenge.
    Our efforts to whack the mole faster than they appear will 
also encourage North Korea to engage in riskier tactics in 
cyberspace. And, because North Korea has a higher risk 
tolerance than others, we cannot lose sight of the second goal 
in lieu of the first.
    This concludes my remarks. I would like to thank the 
Subcommittee for convening the hearing on this pressing issue. 
I look forward to your questions.
    [The prepared statement of Ms. Jun follows:]

    [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]	

    
    Mrs. Kim of California. Thank you very much.
    We were kind of in consultation with the members and the 
Ranking Member to determine what to do, because we--our votes 
will be called any minute now.
    But, since the bell hasn't run, I think what I'll do is 
recognize myself for 5 minutes of questioning. And then, given 
time, we will go with the Ranking Member for questions. And 
then, we'll have to take a recess and come back.
    So, with your understanding, I want to ask the first 
questions to Mr. Klinger and Ms. Scholte. Regarding the 
sanctions, you know, how has the United States used the 
sanctions to try and deter DPRK cyberattacks?
    And, has the U.S. ever imposed secondary sanctions in 
relation to North Korea's cybercrime?
    Mr. Klinger. Thank you very much. Sanctions against 
cybercrimes as well as just overall against North Korea, you 
know, it's not a magic bullet. It's one tool of a comprehensive 
integrated strategy against North Korea.
    But, we have underutilized it. There's very strong 
legislation of the U.S. as well as U.N. Security Council 
Resolutions.
    But, the question, I think, has always been, why have not 
we fully enforced them? In the previous Administration, the 
President announced there were 300 North Korean entities that 
he was not sanctioning because we were talking so nicely to 
North Korea and it would be an insult to Kim Jong Un to impose 
them.
    After the talks broke down, we never imposed those. The 
predecessor of this Committee sent to the White House a list of 
12 Chinese banks that it felt were committing money laundering 
crimes in the United States. No actions were taken against any 
of them.
    And, we've imposed $9 billion in fines on European banks 
for money laundering for Iran. But, zero dollars in fines on 
Chinese banks for doing the same for North Korea.
    So, I think with cybercrimes, you know, we've seen that in 
the last several years there have been very extensive efforts 
by South Korea and the U.S. to sanction or impose fines. Or, to 
even be able to claw back some of the stolen cryptocurrency.
    But, it's always very difficult, particularly with 
cybercrimes, to identify the perpetrator or then to punish 
them. So, doing more of the same may not seem, you know, 
satisfying.
    But, it is a question with law enforcement, you have to 
constantly maintain pressure on the criminals in order to, in 
some cases, just maintain the status quo.
    Mrs. Kim of California. Ms. Scholte, do you want to add to 
that?
    Ms. Scholte. I echo exactly what Mr. Klinger said. We eased 
up on the Chinese banks. And, we never reimposed and enforced 
those things.
    And, there's a--some detailed information in this, the Root 
of Evil that Josh Stanton prepared. But, we just backed off.
    And, we have not been aggressive. And, we have these tools 
that we're not using. So, I just want to echo that.
    Mrs. Kim of California. So, you know, under that scenario, 
since our current sanctions are not being enforced properly, do 
you think secondary sanctions are, or will be an effective tool 
in holding actors like North Korea accountable?
    Mr. Klinger. I think we should. If someone is, some entity 
is in violation of our laws, sometimes indirectly in supporting 
direct criminals, then there should really be no hesitation in 
enforcing our laws.
    And, Chinese banks and businesses have been particularly 
egregious in their support of North Korean cybercrimes.
    Mrs. Kim of California. And, conceptually applying this, 
the secondary sanction type of the regime to other U.S. tools, 
like export controls, is something worthwhile that the United 
States policymakers should consider?
    Mr. Klinger. Very much so.
    Mrs. Kim of California. OK. Ms. Lee and Mr. Klinger, I want 
to also ask for your thoughts on what sort of coordination of 
illicit cyber activities, if any, is there between North Korea 
and the PRC?
    And, what about Russia? Do we have any coordination?
    Mr. Klinger. We know that North Korean government agencies 
and affiliated hacking groups have been in coordination with 
Russian criminal groups. And, they have provided the tools and 
software and other means for hacking that have supported North 
Korea.
    With China, they have provided safe haven to North Korean 
hackers. They presumably have also provided training and 
hardware and software for North Korea to engage in hacking 
activity on Chinese soil.
    Mrs. Kim of California. Ms. Lee, can you add to that, 
please?
    Ms. Lee. I would echo that as well. And, as you pointed 
out, as Bruce pointed out, North Korean workers were supposed 
to be back under U.N. Security Council Resolutions by December 
2019.
    However, it is understood that many of them are still in 
China and Russia. And, continue to carry out illicit activities 
that violate U.N. Security Council Resolutions.
    So, while China and Russia may refute that they provide any 
specific training, they are still violating U.N. Security 
Council Resolutions by allowing them to stay and operate in 
their countries.
    Mrs. Kim of California. Very good. Well, thank you. Let me 
now recognized Ranking Member Bera for 5 minutes of 
questioning.
    Mr. Bera. Thank you, Madam Chairwoman. I'm going to yield 
my 5 minutes to Representative Sherman, because I'll be 
returning, and will ask at that time.
    Mr. Sherman. I thank the gentleman. Seventy years, and 
we've had the most manifestly failed policy as we would have 
anywhere in the world.
    The North Korean people are starving and it's not every 
year. But, in some years. This human rights condition is beyond 
description.
    But, worse than any of that is the threat we face from 
their nuclear program. We pound the table and we say CVID, 
complete, irreversible, verifiable.
    And, then we pound the table again. We complement this with 
weak-ass sanctions that maybe annoy the North Koreans. They'd 
like to get out of them, but not enough to change their nuclear 
or other policies.
    And then, we sometimes trim around the edges and talk about 
how we can make this sanction a little tougher and that 
sanction a little tougher.
    I do not think we're--Mr. Klinger, if our sanctions were 10 
or 20 percent more effective, would that cause, you know, so a 
little tougher, would that cause North Korea to abandon its 
nuclear program?
    Mr. Klinger. I think I----
    Mr. Sherman. Or, would we need to do an awful lot more than 
that?
    Mr. Klinger. We have to enforce our own laws for the sake 
of enforcing our own laws. And, I do not see a benefit in not 
enforcing our laws.
    Mr. Sherman. Well, that is----
    Mr. Klinger. Out of the idea that it wouldn't help.
    Mr. Sherman. The one detriment about talking about 
enforcing our own laws a little better, is it distracts us. 
And, we get a little better at what we're doing that's 
ineffective.
    And, we'll have another 20 years where every year we pound 
the table and say CVID. And, North Korea develops even more and 
more nuclear weapons.
    My concern is, we put economic pressure on them. The one 
thing they have a surplus of that could be sold in the market 
is nuclear weapons.
    And, if they do not have a surplus now, they're producing 
more. And, at some point they'll have more than their own 
doctrines require.
    We had a conference earlier today that I put together on 
the Peace in Korean Peninsula Act, which would push the State 
Department to at least negotiate a peace treaty. Not that that 
would solve all problems.
    But, it's not a concession to North Korea any more than 
Eisenhower's decision to sign an Armistice 70 years ago today 
was a concession.
    When it comes to cyber, we tend to play defense. I do not 
know if anybody has the expertise here. But, how much harm 
could we do to the North Korean economy if we played offense 
and we tried to disrupt their economy?
    Does anyone have the expertise? I do not. I'm not sure that 
can be discussed in an unclassified setting in any case.

    Mr. Klinger. It would be difficult, I think, to assess. 
Because in large part, the North Korean economy is not as 
tightly connected to the internet as the United States system 
is.
    Mr. Sherman. OK. I'll point out when I say weak-ass 
sanctions that if we just sanction an individual Chinese bank, 
then they'll--and, we've been so weak they have not even 
bothered to react to that.
    They can have some of their banks do business with North 
Korea and some of their banks do business with us. And then, 
the banks that do business with us, we cannot sanction for 
doing business with North Korea.
    They have not even bothered to do that, because as Bruce 
just pointed out, we--what they cannot avoid is across the 
board tariffs on China to be maintained for as long as China 
plays the critical role it does in helping this regime continue 
its nuclear program.
    Of course, that would hurt Walmart profits. So, instead of 
doing something that might protect our State from North Korean 
nuclear weapons and a freezing of their missile program, we 
continue to keep doing what we have been doing, when it hasn't 
worked, and expect a different result.
    And, think that we can achieve a slightly better result if 
we just do it a little better. If we were close, you know, you 
get close and you think, gee, if I just work a little more, 
it's going to get there. I do not think we're close.
    Finally, Mr. Klinger, I spent this whole day trying to 
fight the idea of deregulating crypto and allowing that to 
become another currency. Right now, the number of transactions 
in crypto are not a thousandth of what they are on the dollar.
    But, more crypto transaction target is to follow. If 
cryptocurrency was a real currency, would that be a boon to 
North Korea?
    Mr. Klinger. It maybe a way for them to facilitate commerce 
without being reliant on the centrality of the U.S. dollar to 
the international financial system.
    We know that the majority of all international transactions 
in the world is denominated in dollars. Which means it has to 
go through a U.S. Treasury Department regulated bank in the 
U.S.
    And, we know that the majority of North Korean 
international transactions are denominated in dollars. So, if 
they can do it in cyber, it's a way of evading that form as 
well too.
    Mr. Sherman. That's why I got involved in the crypto--or, 
I'd like unanimous consent to put a packet of 20 different 
articles describing how North Korea uses cryptocurrency into 
the record.
    [The information referred to follows:]

   [GRAPHICS NOT AVAILABLE IN TIFF FORMAT]	

    
    Mrs. Kim of California. OK. Without objection. The 
gentleman's time has expired. But, because this is an important 
issue, I would like to give Ms. Scholte, who has been wanting 
to respond to the Congressman.
    Ms. Scholte. Yes. Congressman Sherman, you very much 
focused on the solution to this issue in 2017. You held a 
roundtable with the North Korean defector NGO leaders that were 
involved in the information campaign.
    It was powerful. That's the solution to this. Just focusing 
on the nuclear issue feeds the lie that that regime tells its 
own people, that we do not care about them.
    We have to communicate the truth to the people of North 
Korea. And, that roundtable, you were so moved by those people 
that were risking their lives to get information into North 
Korea.
    We need to be stepping up the information campaign. The 
people of North Korea need to know the truth, that there's a 
hearing like this where we're talking about the suffering 
that's happening to the people of North Korea.
    We need to put human rights at the forefront. We need to do 
everything we can to help support the North Korean defectors 
and the work that they're doing.
    Mrs. Kim of California. Thank you very much. The votes have 
been called. And, the Committee will now stand in recess.
    We'll be back in about 10 to 15 minutes. Don't go away.
    [Recess.]
    Mrs. Radewagen [presiding]. Thank you so much for your 
patience. And, it can be crazy on the Hill at this time of the 
year.
    So, let's see, let's just move right along here. I now 
recognize myself for 5 minutes. And, I represent American 
Samoa. Even though we're thousands of miles away from North 
Korea, we too have been fearful of their malign actions.
    A few years ago, my home hosted a North Korean freighter 
that we seized after it was caught illegally transporting 
goods.
    So, Mr. Klinger, how can security dialogs like the Quad or 
AUKUS impact DPRK activities? Do they escalate? Provide 
deterrence? Change nothing at all?
    Mr. Klinger. Well, I think efforts amongst the Indo-Pacific 
nations to coordinate on not only security threats but criminal 
activity, is beneficial. You know, it is not directed, you 
know, to escalate tensions or to undermine efforts at 
diplomacy.
    But, it's, you know, security we're trying to have a broad 
coalition of democracies and like-minded nations throughout the 
Indo-Pacific to address common security threats.
    It's not only nuclear weapons and missiles, but it's 
criminal activity as well as Chinese efforts to intimidate 
nations throughout the region.
    So, what we've seen is as the Chinese and North Korean 
threats have grown, nations throughout the Indo-Pacific have 
banded together more strongly to resist those efforts by not 
only North Korea, but also China.
    Mrs. Radewagen. So, Mr. Klinger, with the limited dialog 
between the U.S. and DPRK, how has the DPRK been increasing 
their collaboration in recent years with other State or non-
State actors?
    Mr. Klinger. What we've seen is over the decades, even when 
the U.S. was engaged with North Korea, they continued 
developing and refining, expanding their nuclear and missile 
arsenals.
    So, even when we had treaties and agreements with them, 
they continued to build those weapons in defiance. The first 
four international agreements with North Korea on nuclear 
weapons were arms control. And, they ended, they failed, 
because North Korea was cheating on them.
    The second set of four failed international agreements on 
denuclearization failed because North Korea did not fully 
comply with them.
    We've also had 253 inter-Korean agreements. And, those have 
not moderated North Korean behavior. And, the U.S. is, right 
now, is repeatedly saying they're trying to engage not only in 
nuclear weapon issues, but on repatriation of war remains, or 
risk reduction, or tension reduction issues.
    And, North Korea is the one that has repeatedly rejected 
repeated end treaties for engagement. Not only by the U.S. but 
other nations.
    Mrs. Radewagen. So, do DPRK attacks have the potential to 
escalate or trigger a geopolitical incident or even potentially 
a war?
    Mr. Klinger. They certainly have very dangerous nuclear and 
missile and biological and chemical warfare capabilities. They 
also have very large conventional weapons force.
    We've seen in the last year when they've engaged in very 
extensive conventional force exercises, in some cases firing 
missiles south of the maritime demarcation line between the 
Koreas. They have flown large numbers of aircraft close to the 
DMZ.
    So, they have--and, even when the U.S. and South Korea 
stopped large scale military exercises in 2018, North Korea did 
not reciprocate. They continued their winter training cycle, 
summer training cycle, and other large scale exercises.
    Mrs. Radewagen. So, Ms. Scholte, what exactly does the DPRK 
do with the State or commercial secrets and money that they 
obtain through cybercrime?
    Ms. Scholte. Based on the testimony of North Korean 
defectors, high-ranking ones that have been involved in this, 
the funds that come from their illicit activities are used No. 
1, for the lavish lifestyle of the dictator.
    No. 2, to keep the security apparatus that keeps the people 
under surveillance. And, the third thing is, to develop their 
nuclear weapons program.
    Now, I wanted too just, if I may, just explain what I think 
the solution to this all is. I absolutely believe that when 
Hwang Jang-yop defected, he was the highest ranking defector. 
He was the creator of the Juche religion.
    He was the right-hand name of Kim Il Sung and the tutor for 
Kim Jong Il. And, when Hwang Jang-yop defected, he had 
completely turned against that regime.
    And, he said, human rights is their Achilles heel. Giving 
the people of North Korea the knowledge that they're entitled 
to human rights is the most important weapon that we have by 
getting information into North Korea.
    And, for too long we've focused on thinking that we can 
make a deal. As Bruce was pointing out, to making some deal 
with Korea, they've never abided by any agreement. They use 
north--they use talks to extract concessions and aid. They 
continue to threaten.
    And so, I think that we're losing the opportunity. We need 
to be focusing on getting information into North Korea by land, 
by sea, and by air.
    And, that's why we were winning the information campaign. 
That's why Kim Jong Un shut the border down. He's trying to--
he's killing people for listening to K-Pop music.
    Mrs. Radewagen. Thank you. I would now like to recognize 
Ranking Member Bera.
    Mr. Bera. Thank you.
    Mrs. Radewagen. For 5 minutes of questions.
    Mr. Bera. Thank you, Chairwoman. Ms. Jun, in your testimony 
you State that North Korea's illicit financing through cyber 
means is a management problem, not a deterrence problem.
    Since North Korea has not really been persuaded to cease 
malign cyber activity through acts of punishment, you believe 
our goals should be to mitigate the frequency and scale of 
North Korea's cyber regime enterprise through various policy 
levers and cooperation with international partners.
    Can you highlight some of the policy levers that you think 
we ought to be using and, you know, how effective those 
measures would be?
    Ms. Jun. Certainly. Thank you, Congressman. So, I think 
there are basically two ways to look at this. A set of things 
we can do before the hack occurs, and a set of things we can do 
after the hack occurs.
    So, before the hack occurs, as my colleagues Bruce and Jean 
have mentioned, there are things we can do in terms of making 
sure that North Korean IT workers leveraging fake identities 
operating abroad, can no longer do so, because companies have 
stricter identity verification mechanisms, because third party 
States harboring these IT workers are now abiding by U.N. 
sanctions to, you know, stop harboring these people and 
repatriate them back to North Korea.
    There are things we can do in terms of regional, at a 
regional level. And, I think actually, the U.S. and South Korea 
alliance is a perfect segue into thinking about this from a 
more Indo-Pacific strategy.
    So, the U.S.-Korea alliance has been doing great in terms 
of responding to the North Korean cyber threat, in terms of 
issuing sanctions, advisories, everything. Reimagining and 
expanding the alliance to think about the cyber cooperation in 
terms of an Indo-Pacific strategy, would really help to help 
with things like capacity building in Southeast Asia, to help, 
to bolster our cyber defenses in this area.
    And also, there are things we can do after the hack occurs 
in terms of shorting the lag time between when the money is 
first stolen and the time it takes to end up in Kim's pockets.
    And so, there are a number of things that the U.S. 
Government, specifically OFAC has already done, such as 
designating certain cryptocurrency exchanges and cryptocurrency 
mixers and individual bit coin wallet addresses as under the 
SDN list.
    However, these are not being properly enforce. And, you 
know, for example if one wallet address is under the sanctions 
list, they can quickly transfer their money to a fresh new 
wallet that is not sanctioned and therefore, continue to 
launder that way.
    They also are wiring money through already sanctioned 
exchanges such as Russia-based Garantex Cryptocurrency 
Exchange, which is already under sanctions, but has no barriers 
to North Korea's criminal enterprise.
    Mr. Bera. OK. Mr. Klinger, you touched on the utilization 
of authorities that the Administration already has for 
secondary sanctions. You know, whether that's Chinese banks or 
other entities that, you know, maybe in some ways employing 
these North Korean workers, et cetera.
    Do you want to expand on Ms. Jun's answer and, you know, 
policies that we already have outside of just secondary 
sanctions on the banks?
    And then maybe policies that we do not have, that we should 
be thinking about, address this.
    Mr. Klinger. I always wonder why there would be any reason 
for hesitation in fully enforcing our laws. You know, we can 
debate about denuclearization or arms control and have good 
debates on that.
    But, to me it seems, when you come to cybercrimes, there 
should be no question as too fully enforce the laws. And, it's 
just how do you do that?
    Certainly, cybercrimes are very difficult to discern and 
identify sort of beyond a reasonable doubt who's the 
perpetrator. They're meant to be very difficult to discern.
    But, once you do, then you need to go after all of those 
that are involved or facilitating that behavior. And, I think 
the U.S. and South Korean have been doing that to a greater 
degree in recent years.
    So, we have the authorities, or even cybersecurity 
companies, have been able to claw back a large part of some of 
the money that has been stolen.
    So, you know, authorities that would--additional 
authorities that would enable U.S. law enforcement or 
regulatory agencies too more efficiently do that, I think, 
should be looked into.
    Mr. Bera. And, just kind of continuing, Ms. Lee, I think 
Mr. Klinger appropriately pointed out that while the Biden 
Administration said the door is open, you know, we're open to 
dialog, obviously Kim Jong Un has shut that door and is not 
willing to dialog.
    You know, an interesting thing obviously happened last week 
with the Private who ran across the border. A dialog is going 
to occur, I have to imagine.
    You know, again, whether that's a month from now, 2 months 
from now, et cetera. But, you know, given, you know, what--
there's still a lot that remains to be seen for us to learn.
    But, just from your perspective, your expertise, your time 
in North Korea, how do you see this issue of dialog, and you 
know, and where we ought to go and what we ought to do?
    Ms. Lee. I do think, and I hope that things will shift 
after this big anniversary and these celebrations are over. 
And, that the visit by the Chinese and high-level Chinese 
delegation and the Russian Defense Minister suggests that the 
border will start to open up.
    I do not think that that means that outreach to the United 
States is imminent. I do believe that Kim Jong Un is going to 
sit back and wait to see what happens with the next U.S. 
Presidential election.
    But, I do think it's good to look back at what happened in 
2017, 2018, and 2019, to remember and put into context what 
we're seeing now.
    I do look at 2017, for example, as a year, I call it in my 
podcast, fire and fury, where Kim Jung Un wanted to buildup 
that, his nuclear program to the point where he felt that he 
could step out into the world as a figure of respect, standing 
shoulder to shoulder with the leaders of the countries around 
him.
    He was not in that position before 2017. He was the young 
heir to an impoverished country. He felt in 2017 that he had 
done enough. And he pivoted to diplomacy.
    But, unfortunately those negotiations did not succeed. And, 
he must have felt that it was not enough. So, he has shut 
himself off in order to expand that weapons program.
    I do hope that eventually there comes a time where he 
decides it is enough and it's time to pivot and open his 
country up. Because he knows that the North Korean people are 
tired of war. They're tired of resources being pumped into that 
program.
    He just wants to reach a point where he can claim the 
weapons without having to give them all up, negotiate them some 
for impression.
    Mr. Bera. Thank you. My time has expired. I yield back.
    Ms. Lee. Did you want to talk about the Private in North 
Korea? Can I take a few seconds to talk about that?
    Mrs. Radewagen. Yes. Go ahead.
    Ms. Lee. And, I do not think that we will--as you say, it 
maybe weeks. I hope it's not months.
    They are certainly trying to figure out how best to handle 
him. How best to make the most of having an American soldier in 
their custody.
    I do hope that it becomes an opportunity for diplomacy. It 
becomes an occasion for them, a face-saving moment for them to 
reach out to the United States because they have an American 
soldier in their custody.
    And, that it does not become an occasion for them to use it 
to their advantage in a more, in a way that would bring harm to 
him. But, it could go either way.
    I do not think he has the kind of value that they may 
think. And, once they make that decision, I hope that they will 
release him, or at least engage with the United States and use 
it as an opportunity for some contact.
    Mrs. Radewagen. I would now like to recognize Mr. Barr for 
5 minutes of questions.
    Mr. Barr. Thank you, Madam Chair. And, thank you to our 
witnesses. And, to any of our witnesses, I wanted to ask you 
about some of the sanctions evasion tactics of the regime in 
North Korea.
    Obviously you've testified that the cyber-criminal activity 
that is occurring allows not only for sanctions evasion, but 
for North Korea to finance its missile and nuclear programs.
    But, in 2020, in the Fiscal Year NDAA, we included 
legislation, my bill, the Otto Warmbier North Korea Nuclear 
Sanctions Act, that imposed at the time, the toughest financial 
sanctions ever directed at North Korea, in order to cutoff 
Pyongyang's ability to earn hard currency.
    And, it was a secondary sanctions bill. It targeted foreign 
banks. And, I think some of the testimony today is that there's 
not enough sanctions activity on banks that allow for the 
illicit financing of the DPRK.
    So, my question is, what's happening there? Why aren't 
these sanctions on banks proceeding?
    And, despite whatever sanctions are there, it's pretty 
clear that Chinese firms and banks are continuing to help North 
Korea circumvent U.S. sanctions.
    So, anyone want to comment on that? And, why we do not see 
more secondary sanctions on especially Chinese banks?
    Mr. Klinger. Well, I remember testifying before this 
Committee about a decade ago when people said why aren't we 
fully enforcing our laws against China? And, my answer was, I 
do not know.
    It's been through successive Administrations. Just to point 
out, back in, I believe, it was 2005 when the U.S. imposed 
measures against Banco Delta Asia, a bank in Macau, it led to 
at least two dozen financial institutions throughout the world 
to cutoff North Korea, including the Bank of China defying the 
government of China and cutting off North Korea, because they 
were afraid of secondary sanctions from the United States.
    So, a North Korean official told a White House official, 
you finally found a way to hurt us. Once the Bush 
Administration reversed that action to improve the atmosphere 
for six-party talks, then the Bank of China and the others went 
back to engaging with North Korea.
    So, it shows that if we enforce our laws, it can get 
financial institutions who are fearful of secondary sanctions, 
to even defy their own governments.
    And so, it can have an impact in reducing North Korea's 
ability to engage with the outside world.
    Mr. Barr. Well, in its March 2020 report, the U.N. Panel of 
Experts concluded that the DPRK continues to access 
international banking channels in violation of United Nations 
sanctions, mainly by using third-party intermediaries.
    But, now we have in a 2020 NDAA, 3 years ago, we had the 
toughest economic sanctions authorization. We authorized the 
executive branch to impose secondary sanctions on Chinese and 
other foreign banks facilitating the illicit finance of this 
regime. And, we see no action.
    Does anyone else besides Mr. Klinger want to comment on 
this? And, I mean, and confirm for me that Congress has given 
the Administration the authorities. But, is the Biden 
Administration actually using them?
    And, if not, why not?
    Ms. Scholte. I do not understand it. Because we have the 
tools and we're not abiding by our own sanctions. And, you have 
a situation now where it was all these other ways that they're 
making money, not just with illicit activities with IT, but 
also with the slave labor.
    I mean, there's people--that practice was supposed to end. 
And, there are countries where, I think you had it in your 
testimony, where there are North Koreans that are slave 
laborers.
    And, their income goes, they're cash cows for the regime. 
And, they are subjected to miserable working conditions.
    So, there's all kinds of things that are not being done. 
Why are they not being done? I do not know. But, I--well, I 
would like to mention about the information campaign.
    Mr. Barr. Well, I'd love for you to comment on that. But, 
just the secondary sanctions, the idea is, the foreign bank, 
whether it's Chinese or any other, would have a choice to make.
    You either do business with North Korea and the proceeds of 
their cyberattacks or whatever, you know, their laborers, you 
know, sending money back to the regime, however they do.
    They have a choice. This bank has a choice. They can do 
business with North Korea or they can have access to the U.S. 
financial system. But, they cannot do both.
    That is a powerful tool in our quiver. And, it is not being 
use. And, Congress has authorized the Treasury Department to 
utilize this tool. And, they're sitting on their hands over 
there.
    So, if--anyway, my time has expired. But, if anybody else 
wants to comment on that, I'd invite it.
    Ms. Scholte. I'm just going to add, there's a very 
interesting chart just totally illustrates your point that's in 
this book that Josh Stanton prepared which shows the drop of 
Treasury designations, sanctions dropping dramatically in 2020, 
after the Singapore and Hanoi summits. And then, hardly going 
back up again.
    So, yes, there's a whole gap there.
    Mr. Barr. Am I right that it is mainly Chinese banks that 
are facilitating?
    Ms. Scholte. I would say mostly. But, probably 80 percent. 
But, there's other banks.
    Mr. Klinger. Yes. I would say the Chinese banks are the 
largest facilitators of North Korean behavior. And, I mentioned 
earlier that this Committee several years ago sent a list of 12 
Chinese banks, they sent a list to the White House in 2017 that 
believed they were committing money laundering crimes in the 
United States and no action was taken against any of those 
banks.
    Mr. Barr. Well, a policy of chasing diplomacy without 
actually using the tools that we have, is attempting to 
negotiate from a position of weakness. And, we're not going to 
achieve diplomatic goals without actually using the tools that 
we have.
    So, with that I yield.
    Mrs. Radewagen. Thank you. Well, I want to thank all the 
witnesses for their valuable testimony and, of course, the 
members for their questions. The members of the Committee may 
have some additional questions and we will ask you to respond 
to these in writing.
    Pursuant to Committee rules, all members may have 5 days to 
submit statements, questions, and extraneous materials for the 
record, subject to the length limitations.
    Without objection, the Committee stands adjourned.
    [Whereupon, at 3:48 p.m., the subcommittee was adjourned.]

                                APPENDIX
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]	


        CRDF GLOBAL: The DPRK'S EVASION OF U.S. AND UN SANCTIONS
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]	


NORTH KOREA'S HUMAN RIGHTS SITUATION: FOCUSING ON OVERSEAS WORKERS AND 
                               DEFECTORS
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]	

                          THE ROOT OF ALL EVIL
[GRAPHICS NOT AVAILABLE IN TIFF FORMAT]	

                                 [all]