Statutes, codes, and regulations
United States Code
Title 22 - FOREIGN RELATIONS AND INTERCOURSEChapter 99 - NORTH KOREA SANCTIONS AND POLICY ENHANCEMENT
Subchapter II - SANCTIONS AGAINST NORTH KOREAN PROLIFERATION, HUMAN RIGHTS ABUSES, AND ILLICIT ACTIVITIES
Section 9229 - Report on and imposition of sanctions to address persons responsible for knowingly engaging in significant activities undermining cybersecurity

22 U.S.C. § 9229

Download
PDF
Current through P.L. 118-106 (published on www.congress.gov on 10/04/2024)
Section 9229 - Report on and imposition of sanctions to address persons responsible for knowingly engaging in significant activities undermining cybersecurity
(a) Report required
(1) In general

The President shall submit to the appropriate congressional committees a report that describes significant activities undermining cybersecurity aimed against the United States Government or any United States person and conducted by the Government of North Korea, or a person owned or controlled, directly or indirectly, by the Government of North Korea or any person acting for or on behalf of that Government.

(2) Information

The report required under paragraph (1) shall include-

(A) the identity and nationality of persons that have knowingly engaged in, directed, or provided material support to conduct significant activities undermining cybersecurity described in paragraph (1);
(B) a description of the conduct engaged in by each person identified;
(C) an assessment of the extent to which a foreign government has provided material support to the Government of North Korea or any person acting for or on behalf of that Government to conduct significant activities undermining cybersecurity; and
(D) a United States strategy to counter North Korea's efforts to conduct significant activities undermining cybersecurity against the United States, that includes efforts to engage foreign governments to halt the capability of the Government of North Korea and persons acting for or on behalf of that Government to conduct significant activities undermining cybersecurity.
(3) Submission and form
(A) Submission

The report required under paragraph (1) shall be submitted not later than 90 days after October 25, 2018, and every 180 days thereafter for 5 years.

(B) Form

The report required under paragraph (1) shall be submitted in an unclassified form, but may include a classified annex.

(b) Designation of persons

The President shall designate under section 9214(a) of this title any person identified in the report required under subsection (a)(1) that knowingly engages in significant activities undermining cybersecurity through the use of computer networks or systems against foreign persons, governments, or other entities on behalf of the Government of North Korea.

22 U.S.C. § 9229

Pub. L. 114-122, title II, §209, Feb. 18, 2016, 130 Stat. 110; Pub. L. 115-272, title III, §303(c)(1), Oct. 25, 2018, 132 Stat. 4157.

EDITORIAL NOTES

AMENDMENTS2018-Subsec. (a)(3)(A). Pub. L. 115-272 substituted "not later than 90 days after October 25, 2018, and every 180 days thereafter for 5 years" for "not later than 90 days after February 18, 2016, and every 180 days thereafter".

EXECUTIVE DOCUMENTS

DELEGATION OF FUNCTIONSFor delegation of certain functions of President under this section, see Memorandum of President of the United States, May 18, 2016, 81 F.R. 37479, set out as a note under section 9212 of this title.

Government of North Korea
The term "Government of North Korea" means the Government of North Korea and its agencies, instrumentalities, and controlled entities.
North Korea
The term "North Korea" means the Democratic People's Republic of Korea.
United States person
The term "United States person" means-(A) a United States citizen or an alien lawfully admitted for permanent residence to the United States; or(B) an entity organized under the laws of the United States or of any jurisdiction within the United States, including a foreign branch of such an entity.
appropriate congressional committees
The term "appropriate congressional committees" means-(A) the Committee on Foreign Relations and the Committee on Banking, Housing, and Urban Affairs of the Senate; and(B) the Committee on Foreign Affairs, the Committee on Financial Services, and the Committee on Ways and Means of the House of Representatives.
significant activities undermining cybersecurity
The term "significant activities undermining cybersecurity" includes-(A) significant efforts to-(i) deny access to or degrade, disrupt, or destroy an information and communications technology system or network; or(ii) exfiltrate information from such a system or network without authorization;(B) significant destructive malware attacks;(C) significant denial of service activities; and(D) such other significant activities described in regulations promulgated to implement section 9214 of this title.