How North Korea Is Outsourcing Espionage to American Companies
US companies must take more responsibility to work with the government and prevent cyberattacks from foreign threats.
This past June, the US Department of Justice (DOJ) stated that North Korean individuals successfully compromised the identities of 80 Americans while interviewing for remote employment opportunities at over 100 US companies, including Fortune 500 companies. The real breach is one of identity. It rests on the assumption that identity is static, but digital identities can drift and decay, leading to an erosion of trust. The DPRK-led breach caused American companies to incur losses or damages of at least $3 million, and that figure is likely just the beginning.

Historically, the North Korean threat to the United States has revolved around their military arsenal: testing intercontinental ballistic missiles (ICBMs) that pale in comparison to our own arsenal but could still target the US Homeland. However, today’s challenge from beyond the 38th parallel amounts to something entirely different. North Korea’s cyber warfare capabilities are now an instrument of national power; they integrate espionage, financial crime, and sanctions evasion into an enduring campaign, rather than episodic attacks.
Strategically insidious in how it exploits our self-deception about identity and access, cyber warfare continues to grow in its sophistication. The North Korean workers manipulated employers to believe they were within the United States, when in fact, many were based out of North Korea or China, and the revenue generated was transferred to North Korean-controlled accounts. Such accounts allow North Korea to skirt US sanctions and fund the regime’s weapons programs.
North Korea’s sophisticated intrusion into numerous American companies is symptomatic of broader vulnerabilities in digital authentication. These North Korean individuals were able to bypass any measures companies had in place to authenticate their identity. American companies must verify the identities of individuals they hire and ensure they are legally authorized to work in the United States.
American companies should also follow a zero-trust model, assume their organization’s servers are always under breach, and ensure identities are verified. In response to the DPRK’s sanctions evasion, the United States must revise procedures and processes related to remote workers and vulnerabilities and find ways to mitigate the threat that North Korea’s cyber apparatus poses to the homeland.
North Korea’s intrusions into the US digital space only add to the growing list of cyberattacks our adversaries have conducted: China leverages persistence, Russia weaponizes chaos, and North Korea monetizes both. To make matters worse, as AI continues to grow and become more sophisticated, our adversaries will continue to find ways to use it to undermine American interests.
Over the course of the 43-day government shutdown this year, federal agencies and employees were subject to more than 555 million cyberattacks. Our adversaries used the shutdown as an opportunity to exploit gaps in cyber workforce readiness. One must consider what a full-scale cyber assault would look like should the United States become embroiled in an actual conflict with a near-peer adversary in the near future. Cybersecurity is national security, making it critical for the United States to undertake a concentrated effort to prepare for and deter future cyber threats.
The path to real security begins with disciplined execution. Rather than the familiar pledge to “do everything we can,” the United States should first recognize its strengths in the cyber domain. The United States has a deep bench of cybersecurity tools but a lack of rigor when it comes to implementation. Furthermore, companies must continue to collaborate and find ways to work together on cyber defense.
The Cybersecurity Information Sharing Act of 2015 (CISA 2015) gave the private sector the authority to share information not only with the government but also among themselves. To spur private sector innovation and flexibility in addressing cyber threats, American companies must be permitted to share data and collaborate. For this reason, reauthorizing CISA 2015 beyond January 30, 2026, becomes essential.
Our adversaries are learning faster than our bureaucratic departments and agencies, and we must reverse that equation. We can’t ignore the fact that our adversaries’ tactics and means will only grow in sophistication, which means the United States must lean into its free-market advantages to spur innovation.
The “new” Cold War the United States has found itself in will be fought with computer code as much as with conventional weapons systems, and the time has come to unleash the full potential of US cyber defense. In addition to our military, our government agencies, as well as the American private sector, are all on the frontlines of the cyber domain, whether we like it or not—all must be loaded for bear.