Un décret présidentiel du 2 janvier 2015 établit de nouvelles sanctions des Etats-Unis contre la Corée du Nord. Ces mesures sont justifiées par un ensemble de comportements provocateurs du régime de Pyongyang, spécialement l’attaque informatique contre la société de production cinématographique Sony Pictures.
Il s’agit de la plus grave attaque informatique jamais réalisée à l’encontre d’une entité non gouvernementale et d’une société commerciale. Le préjudice causé à Sony Pictures est considérable. Par la diversité de ses aspects, cette affaire fait prendre conscience de la gravité particulière des menaces que fait peser cette pratique informatique sur la sécurité des biens et des personnes dans un monde globalisé, c’est-à-dire sans restriction de lieux et de frontières. L’attaque contre la société de production marque donc un tournant qui devrait conduire dans l’avenir à un développement substantiel de la coopération internationale contre cette nouvelle forme de criminalité transnationale.
L’affaire a débuté le 24 novembre dernier lorsque l’intrusion dans le système informatique de l’entreprise a été découverte. L’attaque a pratiquement rendu ce système inutilisable, perturbant ainsi le fonctionnement de Sony Pictures et le travail de ses employés. La société a fait l’objet d’un chantage de la part des pirates informatiques qui ont annoncé qu’ils avaient pris possession de l’intégralité de ses données et qu’ils allaient publier ces informations si une importante somme d’argent ne leur était pas versée. A ce stade l’affaire prend un caractère crapuleux, le piratage pouvant servir à extorquer des sommes d’argent à la victime. La menace a été mise exécution par la diffusion de films encore inédits sur Internet, ainsi que par la publication d’informations confidentielles sur la société ou concernant des personnalités du cinéma. Le piratage est donc susceptible d’engendrer des atteintes graves à la vie privée. Le point culminant de cette action de piratage informatique a été atteint lorsque des menaces d’attentat contre les salles de cinéma diffusant le film, The Interview, une satire du régime nord-coréen, ont été proférées. A ce niveau l’affaire établit un lien entre le piratage et le terrorisme international. Les messages faisaient allusion au 11 Septembre et, en réalité, cette attaque est un petit 11 septembre par la menace globale qu’elle découvre. Le Président Obama a fortement réagi le 19 décembre en attribuant le piratage à la Corée-du-Nord et en annonçant des sanctions proportionnées.
Or on constate avec une vive inquiétude que les mesures prises par le gouvernement des Etats-Unis s’appuient sur des indices qui ne permettent pas d’établir avec certitude l’origine de l’attaque contre Sony Pictures. Les éléments présentés par le FBI orientent évidemment les investigations vers la Corée-du-Nord, mais les personnes ou entités impliquées et leur lien avec le régime ne sont pas identifiées. Cette incertitude apparait clairement dans les motifs du décret présentiel. Certes les Etats-Unis peuvent se permettre une telle construction branlante, mais au sein de l’Union européenne l’illégalité de telles mesures restrictives ne ferait guère de doute, eu égard aux exigences développées par la jurisprudence de la Cour européenne de justice. Le FBI s’appuie sur des « similitudes » qui autorisent seulement un rapprochement de cette affaire avec la Corée-du-Nord. Tel est bien le défi auxquels les Pouvoirs Publics de notre monde « globalisé » sont confrontés désormais du fait de cette pratique de l’hyper-piratage : comment agir efficacement si l’origine des faits criminels et leur imputation ne peuvent être établies ? Ces entreprises crapuleuses, totalitaires ou terroristes qui supposent les moyens d’un Etat ou d’une grosse organisation représentent un danger d’autant plus important que l’identification des responsables semble difficile.
White House
Statement by the Press Secretary on the Executive Order Entitled “Imposing Additional Sanctions with Respect to North Korea”
Today, the President issued an Executive Order (E.O.) authorizing additional sanctions on the Democratic People’s Republic of Korea. This E.O. is a response to the Government of North Korea’s ongoing provocative, destabilizing, and repressive actions and policies, particularly its destructive and coercive cyber attack on Sony Pictures Entertainment
The E.O. authorizes the Secretary of the Treasury to impose sanctions on individuals and entities associated with the Government of North Korea. We take seriously North Korea’s attack that aimed to create destructive financial effects on a U.S. company and to threaten artists and other individuals with the goal of restricting their right to free expression.
As the President has said, our response to North Korea's attack against Sony Pictures Entertainment will be proportional, and will take place at a time and in a manner of our choosing. Today's actions are the first aspect of our response.
Executive Order -- Imposing Additional Sanctions with Respect to North Korea
EXECUTIVE ORDER
- - - - - - -
IMPOSING ADDITIONAL SANCTIONS WITH RESPECT TO NORTH KOREA
By the authority vested in me as President by the Constitution and the laws of the United States of America, including the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), the National Emergencies Act (50 U.S.C. 1601 et seq.), section 212(f) of the Immigration and Nationality Act of 1952 (8 U.S.C. 1182(f)), and section 301 of title 3, United States Code; and in view of United Nations Security Council Resolution (UNSCR) 1718 of October 14, 2006, UNSCR 1874 of June 12, 2009, UNSCR 2087 of January 22, 2013, and UNSCR 2094 of March 7, 2013,
I, BARACK OBAMA, President of the United States of America, find that the provocative, destabilizing, and repressive actions and policies of the Government of North Korea, including its destructive, coercive cyber-related actions during November and December 2014, actions in violation of UNSCRs 1718, 1874, 2087, and 2094, and commission of serious human rights abuses, constitute a continuing threat to the national security, foreign policy, and economy of the United States, and hereby expand the scope of the national emergency declared in Executive Order 13466 of June 26, 2008, expanded in scope in Executive Order 13551 of August 30, 2010, and relied upon for additional steps in Executive Order 13570 of April 18, 2011. To address this threat and to take further steps with respect to this national emergency, I hereby order:
Section 1. (a) All property and interests in property that are in the United States, that hereafter come within the United States, or that are or hereafter come within the possession or control of any United States person of the following persons are blocked and may not be transferred, paid, exported, withdrawn, or otherwise dealt in: any person determined by the Secretary of the Treasury, in consultation with the Secretary of State:
(i) to be an agency, instrumentality, or controlled entity of the Government of North Korea or the Workers' Party of Korea;
(ii) to be an official of the Government of North Korea;
(iii) to be an official of the Workers' Party of Korea;
(iv) to have materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, the Government of North Korea or any person whose property and interests in property are blocked pursuant to this order; or
(v) to be owned or controlled by, or to have acted or purported to act for or on behalf of, directly or indirectly, the Government of North Korea or any person whose property and interests in property are blocked pursuant to this order.
(b) The prohibitions in this order apply except to the extent provided by statutes, or in regulations, orders, directives, or licenses that may be issued pursuant to this order, and notwithstanding any contract entered into or any license or permit granted prior to the effective date of this order.
Sec. 2. I hereby determine that the making of donations of the type of articles specified in section 203(b)(2) of IEEPA (50 U.S.C. 1702(b)(2)) by, to, or for the benefit of any person whose property and interests in property are blocked pursuant to section 1 of this order would seriously impair my ability to deal with the national emergency declared in Executive Order 13466, and I hereby prohibit such donations as provided by section 1 of this order.
Sec. 3. The prohibitions in this order include but are not limited to:
(a) the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any person whose property and interests in property are blocked pursuant to this order; and
(b) the receipt of any contribution or provision of funds, goods, or services from any such person.
Sec. 4. I hereby find that the unrestricted immigrant and nonimmigrant entry into the United States of aliens determined to meet one or more of the criteria in section 1(a) of this order would be detrimental to the interests of the United States, and I hereby suspend entry into the United States, as immigrants or nonimmigrants, of such persons. Such persons shall be treated as persons covered by section 1 of Proclamation 8693 of July 24, 2011 (Suspension of Entry of Aliens Subject to United Nations Security Council Travel Bans and International Emergency Economic Powers Act Sanctions).
Sec. 5. (a) Any transaction that evades or avoids, has the purpose of evading or avoiding, causes a violation of, or attempts to violate any of the prohibitions set forth in this order is prohibited.
(b) Any conspiracy formed to violate any of the prohibitions set forth in this order is prohibited.
Sec. 6. For the purposes of this order:
(a) the term "person" means an individual or entity;
(b) the term "entity" means a partnership, association, trust, joint venture, corporation, group, subgroup, or other organization;
(c) the term "United States person" means any United States citizen, permanent resident alien, entity organized under the laws of the United States or any jurisdiction within the United States (including foreign branches), or any person in the United States; and
(d) the term "Government of North Korea" means the Government of the Democratic People's Republic of Korea and its agencies, instrumentalities, and controlled entities.
Sec. 7. For those persons whose property and interests in property are blocked pursuant to this order who might have a constitutional presence in the United States, I find that because of the ability to transfer funds or other assets instantaneously, prior notice to such persons of measures to be taken pursuant to this order would render those measures ineffectual. I therefore determine that for these measures to be effective in addressing the national emergency declared in Executive Order 13466, there need be no prior notice of a listing or determination made pursuant to section 1 of this order.
Sec. 8. The Secretary of the Treasury, in consultation with the Secretary of State, is hereby authorized to take such actions, including the promulgation of rules and regulations, and to employ all powers granted to the President by IEEPA, as may be necessary to carry out the purposes of this order. The Secretary of the Treasury may redelegate any of these functions to other officers and agencies of the United States Government consistent with applicable law. All agencies of the United States Government are hereby directed to take all appropriate measures within their authority to carry out the provisions of this order.
Sec. 9. This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.
Letter -- Imposing Additional Sanctions with Respect to North Korea
http://December 19, 2014 Remarks by the President in Year-End Press Conference
Q Thank you, Mr. President. I’ll start on North Korea -- that seems to be the biggest topic today. What does a proportional response look like to the Sony hack? And did Sony make the right decision in pulling the movie? Or does that set a dangerous precedent when faced with this kind of situation?
THE PRESIDENT: Well, let me address the second question first. Sony is a corporation. It suffered significant damage. There were threats against its employees. I am sympathetic to the concerns that they faced. Having said all that, yes, I think they made a mistake.
In this interconnected, digital world, there are going to be opportunities for hackers to engage in cyber assaults both in the private sector and the public sector. Now, our first order of business is making sure that we do everything to harden sites and prevent those kinds of attacks from taking place. When I came into office, I stood up a cybersecurity interagency team to look at everything that we could at the government level to prevent these kinds of attacks. We’ve been coordinating with the private sector, but a lot more needs to be done. We’re not even close to where we need to be.
And one of the things in the New Year that I hope Congress is prepared to work with us on is strong cybersecurity laws that allow for information-sharing across private sector platforms, as well as the public sector, so that we are incorporating best practices and preventing these attacks from happening in the first place.
But even as we get better, the hackers are going to get better, too. Some of them are going to be state actors; some of them are going to be non-state actors. All of them are going to be sophisticated and many of them can do some damage.
We cannot have a society in which some dictator someplace can start imposing censorship here in the United States. Because if somebody is able to intimidate folks out of releasing a satirical movie, imagine what they start doing when they see a documentary that they don’t like, or news reports that they don’t like. Or even worse, imagine if producers and distributors and others start engaging in self-censorship because they don’t want to offend the sensibilities of somebody whose sensibilities probably need to be offended.
So that’s not who we are. That’s not what America is about.
Again, I’m sympathetic that Sony as a private company was worried about liabilities, and this and that and the other. I wish they had spoken to me first. I would have told them, do not get into a pattern in which you’re intimidated by these kinds of criminal attacks. Imagine if, instead of it being a cyber-threat, somebody had broken into their offices and destroyed a bunch of computers and stolen disks. Is that what it takes for suddenly you to pull the plug on something?
So we’ll engage with not just the film industry, but the news industry and the private sector around these issues. We already have. We will continue to do so. But I think all of us have to anticipate occasionally there are going to be breaches like this. They’re going to be costly. They’re going to be serious. We take them with the utmost seriousness. But we can’t start changing our patterns of behavior any more than we stop going to a football game because there might be the possibility of a terrorist attack; any more than Boston didn’t run its marathon this year because of the possibility that somebody might try to cause harm. So let’s not get into that way of doing business.
Q Can you just say what the response would be to this attack? Wwould you consider taking some sort of symbolic step like watching the movie yourself or doing some sort of screening here that --
THE PRESIDENT: I’ve got a long list of movies I’m going to be watching. (Laughter.)
Q Will this be one of them?
THE PRESIDENT: I never release my full movie list.
But let’s talk of the specifics of what we now know. The FBI announced today and we can confirm that North Korea engaged in this attack. I think it says something interesting about North Korea that they decided to have the state mount an all-out assault on a movie studio because of a satirical movie starring Seth Rogen and James Flacco [Franco]. (Laughter.) I love Seth and I love James, but the notion that that was a threat to them I think gives you some sense of the kind of regime we’re talking about here.
They caused a lot of damage, and we will respond. We will respond proportionally, and we’ll respond in a place and time and manner that we choose. It’s not something that I will announce here today at a press conference.
More broadly, though, this points to the need for us to work with the international community to start setting up some very clear rules of the road in terms of how the Internet and cyber operates. Right now, it’s sort of the Wild West. And part of the problem is, is you’ve got weak states that can engage in these kinds of attacks, you’ve got non-state actors that can do enormous damage. That’s part of what makes this issue of cybersecurity so urgent.
Again, this is part of the reason why it’s going to be so important for Congress to work with us and get a actual bill passed that allows for the kind of information-sharing we need. Because if we don’t put in place the kind of architecture that can prevent these attacks from taking place, this is not just going to be affecting movies, this is going to be affecting our entire economy in ways that are extraordinarily significant.
FBI National Press Office, Update on Sony Investigation December 19, 2014
Today, the FBI would like to provide an update on the status of our investigation into the cyber attack targeting Sony Pictures Entertainment (SPE). In late November, SPE confirmed that it was the victim of a cyber attack that destroyed systems and stole large quantities of personal and commercial data. A group calling itself the “Guardians of Peace” claimed responsibility for the attack and subsequently issued threats against SPE, its employees, and theaters that distribute its movies.
The FBI has determined that the intrusion into SPE’s network consisted of the deployment of destructive malware and the theft of proprietary information as well as employees’ personally identifiable information and confidential communications. The attacks also rendered thousands of SPE’s computers inoperable, forced SPE to take its entire computer network offline, and significantly disrupted the company’s business operations.
After discovering the intrusion into its network, SPE requested the FBI’s assistance. Since then, the FBI has been working closely with the company throughout the investigation. Sony has been a great partner in the investigation, and continues to work closely with the FBI. Sony reported this incident within hours, which is what the FBI hopes all companies will do when facing a cyber attack. Sony’s quick reporting facilitated the investigators’ ability to do their jobs, and ultimately to identify the source of these attacks.
As a result of our investigation, and in close collaboration with other U.S. government departments and agencies, the FBI now has enough information to conclude that the North Korean government is responsible for these actions. While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following:
Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks.
The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. government has previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol (IP) addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
Separately, the tools used in the SPE attack have similarities to a cyber attack in March of last year against South Korean banks and media outlets, which was carried out by North Korea.
We are deeply concerned about the destructive nature of this attack on a private sector entity and the ordinary citizens who worked there. Further, North Korea’s attack on SPE reaffirms that cyber threats pose one of the gravest national security dangers to the United States. Though the FBI has seen a wide variety and increasing number of cyber intrusions, the destructive nature of this attack, coupled with its coercive nature, sets it apart. North Korea’s actions were intended to inflict significant harm on a U.S. business and suppress the right of American citizens to express themselves. Such acts of intimidation fall outside the bounds of acceptable state behavior. The FBI takes seriously any attempt—whether through cyber-enabled means, threats of violence, or otherwise—to undermine the economic and social prosperity of our citizens.
The FBI stands ready to assist any U.S. company that is the victim of a destructive cyber attack or breach of confidential business information. Further, the FBI will continue to work closely with multiple departments and agencies as well as with domestic, foreign, and private sector partners who have played a critical role in our ability to trace this and other cyber threats to their source. Working together, the FBI will identify, pursue, and impose costs and consequences on individuals, groups, or nation states who use cyber means to threaten the United States or U.S. interests.