and gentlemen, andrew roberts. [ applause ] ladies and gentlemen, it is a great honor to be invited to a address you. thank you very much for those very kind words. when we started this morning david equated this to an opera. the only thing i know is it apt over until the fat lady sings. we'll leave our american history tv far white house briefing on north korea and cyber attack on u.s. computer operations. it spread rapidly across the

world. the malware incrypted thousands while victims receivedd ransom attacks. the computers detected put lives at risk, not just money. the kbriets is publicly acountry butting the cyber attack to north korea. we do so with evidence and with partners. other governments agree the united kingdom, australia, canada and japan have seen our analysis and join us in denouncing. commercial partners have also

acted. the stability of the internet and stability of our skert of our liberty and accountability and cooperation are the cornerstone. malicious belaif yor starts with this step of accountability. the at ttribution is a step towards holding them aabccountae but it's not the last step. the u.s. will lead in effort. president trump has rallied allies and responsible tech companies to increase the security of the internet. cooperation will bring security and we can no longer afford to wait. we applaud our corporate

partners for acting on their own initiative without any action by the u.s. government to disrupt the activity of north korean hackers. microsoft acted in ways that spared many u.s. targets. microsoft and facebook acted to disable a number and disrupt operations as north koreans were disrupting computers across the globe. they shut down accounts. i'm extremely proud of the hard and dedicated work of the cyber security professionals. i'm happy to have one of the finest with me. i would like to introduce assistant secretary at dhs. we call today -- i call today and the president calls today on the private sector to increase activity by taking actions that

deny north korea and the bad actors the ability to launch destructive cyber acts. as companies join us it will fa fall. as we make the interflnet safere will continue to hold accountable those who threaten us whether they act alone or with hostile nations. i turn it over to jeanette. thank you. just like preventing terrorism or responding to hurricanes and wild fires it is a shared responsibility between government, industry and the american people. this is a great example of how this partnership works. it began on the friday before mother's day. we first learned something

unusual was happening from our partners as the malware traversed the globe. as the national health service and the u.k. was impacted we knew we were dealing with a serious issue and began to activate our domestic industry partnership. i asked for assistance from our partners and by 9:00 p.m. that night i had over 30 companies represented on calls many of who offered assistance throughout the weekend. by working closely with those companies throughout that night we were able to issue a tech technical alert.

we stayed on alert all weekend. we are largely able to escape the impact that other countries experienced. in many ways it was a defining moment and inspiring one. it demonstrated the tireless commitment of our industry partners. it showed how the government and private sector got it right. our investments keeping our systems up to date and sharing information paid off. although the attack demonstrated our national capability we cannot be complaisacentomplacen. in many instances these are the same we have faced in the past they are skbrus operating in a different space. most devices are connecting to the internet. it come poupds the challenge for security practitioners. this is why cyber security continues to be one of the most significant risks to the united

states. in addition we see some gaps between what an entity might consider adequate security for themselves in what is in the public's interest. they depend on critical services and functions such as a stable financial system; all things that enable our modern way of life. many of these are run by the private sector. to ensure adequate security dhs plans to move beyond only offering voluntary assistance to becoming the world leader in intervening directly with companies when necessary. we have issued tech nnical aler in understanding the types of

m malware and urge them to remove them from their systems so they cannot have access to our infrastruck dhur. these incidents can have life threatening consequences. how did we get here? innovation and automation equals efficiency and cost savings. attackers only have to be right once but defenders have to be right all of the time. some say defending cyber space is impossible. i disagree with this. we can take small actions to make the cyber eco system safer. we need to get to the advantage to the defender. we make it way too easy for attackers by operating

independently. government and industry must work together now more than ever if we are serious about improving our collective defense. we cannot secure our homeland alone. cyber security is a shared responsibility. we all play a part in keeping the internet safe to prevent another attack we are calling on all companies to commit to the collected defense of our nation. this commitment does not end on our borders as identified in the incident cyber security is a global challenge. as many as 150 countries had this. it is only through international partnerships the united states had time to prepare. we are working to strengthen our relationships with signer security centers across the world. we are taking a greater leadership role in signer security. we seek to drive the market towards more secure solutions i head of us by great challenges which i know we can accomplish

by working together. thank you very much. >> thanks. questions, sir? >> reporter: two questions. the united states was apparently a bit slow to publicly identify north korea as the culprit in all of this. was there new evidence that came to the floor that lead to making this public conclusion? the second question is about hut hutchins who helped out to stop. what is going happen to him the fact that he has been locked up on unrelated charges? >> two questions there, one did we do it too slowly? i think the most important thing is to do it right and not too fast. what we did was rely on -- and some of it i can't share unfortunately, technical links to previously identify north

korean cyber tools. we had to examine a lot. we had to put it together in a way that allowed us to make a contribution. as we move forward we can't do it wrong. we can't get it wrong. we can't try to rush it. i think ultimately at this point if we had gotten it wrong it would have been more of a damage to our reputation than it bouf been a boom for us to do it quicker. the second, i can't comment on the ongoing criminal prosecution there. i will note that to some degree we got lucky. a lot of ways in the united states it was partnership and private companies and so forth. we also had a programmer that noticed a glitch in the malware and then acted to kill it. he took a risk but it worked and it caused a lot of benefit. so we'll give him that.

next time we won't get so lucky. we are calling on an increased routine speed of sharing information so we can prevent patient 0 from being patient 150. >> you said that cyber affiliates were responsible for this. north korea is a fairly inclusive country. how do you believe generally that will hatheir cyber operati work? how does it all piece together what you have been able to entail. >> so the difficulty was to figure out who was operating the keyboard on whose behalf. people can be launching from places that are not in north

korea. we are comfortable in this case that it was directed be i the government of north korea. we are also comfortable in saying there were actors on their behalf carrying out this attack and they carried it out in the past. that was one of the trade craft routines that allowed us to reach that conclusion. that said, how they operate is often a little mysterious. if we knew better we would be able to address north korea and with more clarity. part of the larger strategy of increased pressure is to get them to change that behavior. i mean they have smart programmers. it is a shame their government is leading them down the use of that in the wrong direction. if they had a free government they would be positive contribute toeors to the free w. >> do you think they outsourced the majority of the operations?

>> i don't think there's an outsourcing redemption. i think it happens by their leadership. >> the private sector is approving the ability to work with them. there's two halves to this. they report to us all of what they are seeing. if you're receiving it and they report it to us you can notify the whole country to be on the lookout for that. as we move forward and become more sophisticated we will ask them to look into sharing more tech a technical information so we can get a better view of defending ourselves. >> the first purpose of ransom wear is raising money. do you have any idea what they

did with the money? did it go to its benefit? >> it's interesting. we don't know how much money they raised but they didn't seem to architect it in a way a smart one would do so. once word got out that paying didn't unlock your kpluter the paying stopped. i think this was a wreckless attack. p. the money was a side benefit. i don't think they got a lot of it. >> reporter: what is the dons kwe -- consequence of this? >> at this point north korea has done everything wrong as an actor on a global stage and president trump has used just about every lever he can do to change their behavior. we don't have a lot of room left here to apply pressure to change

their behavior. it is important to let them know it is them and we know it is them. i think some of the benefit that comes from this attribution is letting them know we'll move to stop their behavior. in this case the private sector also acted. facebook took down accounts that stopped the operational execution of cyber attacks. so this is allowing us to stop supporting north korean hackers and it's secondarily an opportunity to call on the other countries that were effected to stop that same behavior. off north koreans can rely on people outside of the country to carry out this malicious activity. we need other countries to work with us. >> reporter: so to follow up on this it seeps like there's a

different handling. first there's no rollout where you're calling out north korea by name for cyber activities but take russia for interfering in the u.s. election, why hasn't there been more to call russia out for its activities? >> i think president obama called them out and i think for what it's worth president trump not only continued the national emergency but he did so hichls and sapgsed the russians involved in last year. i think he continued that for another year and will probably continue it for the year after that. >> reporter: have all of the sanctions before implemented? >> yeah. it was with respect to significant cyber enabled

activities. >> it was to deal with the extraordinary threat to the security foreign policy. look, in addition the if that's not making people comfortable this year we acted to remove from all of our federal networks. we did so because having a company constituted a risk to our federal networks. we have had providers, sellers, retail stores follow suit and other foreign governments also follow suit with that action. i think we are leading to take them off of the interflet and knocking them off their game. i welcome the question. i think we stand with a good record. >> thanks. i have a follow-up on that and a second question. president has said that findings about russian fer fear ranss is

hard to know how to act on that. >> today took us a little while. i believe we have the evidence to assort this. in this case we found a concerted effort. >> you mentioned that north korea has acted especially badly and unchecked. there is we have taken actions reportedly against the nuclear facilities, in terpsover using our own capabilities. when you say largely unteched. >> i think president trump has made it very clear that previous administrations could have and should have done more to apply

more pressure when the opportunity to do so might have resulted in a better world. i think at this point the cyber issue has come on the heels of other decisive action. we will continue to apply that pressure come -- campaign without any waivering. >> you said the leadership of north korea ordered this. that's not something that would necessarily be visible from the code itself of. >> that's right. >> can you tell us a little bit about that and whether you believe kim jong un was directly involved in that decision? can you tell us a little bit about what the motive was. chaos, you can see that but that's not the usual north korean mo.

it is usually a little more concentrated. it is all over the place. tell us a little bit about that and how attribution got you. >> let me go backwards and do it in reverse order. one of the difficulties is that it is reckless. it is why it is so important. the idea here is that what discriminates on the map is not the intent but the quality of defenses of the people they sought to attack. the targets in the united states were harder. they were sufferingless. people that dhien that took this win badly. some np great britain were we fepgted badly. we are all struggling keep up

with this increasingly reckless behaifr y behai behavior. it is hard to find that smoking gun. what we have done sheer combined a series of behaviors. we have deep and experienced analysts within our kplunty that look at the operational infrastructu infrastructure. so you have to apply some work here, not just code analysis. >> can you take a look? do you think it would have med a significant to difference. zb they are almost never

designed on purpose. they are making a pruloduct achd se -- and selling it for a person. in this particular case i'm fairly broud of that. we have that he had most vulnerable in the world. at a rate of almost 90% reveals those. we choose to share those back with the company so they can increase the collective defense of the country. it's not fair for us to keep those exploits while people that are l bring harm to them. i'm proud and i would go one step deeper for you. those vulnerabilities that we

keep we keep for very specific pumps so we can increase national security. they need to be protected. one level even deeper, when they use it for national security for classified work we some times find everyday of bad behavior. some times it allows us to attribute those actions. we are doing it on a regular basis and in a more routine fashion. we are able to call targets that aren't subject to big rollouts. we can say we need to get better at doing that. so that process is an equities

balancing process. i know the united states is above any other country in the world. >> reporter: two things, one, a matter of policy, is it policy that an attack on the u.s. company institutes an attack on the u.s. government. the you explain that policy? on digital currency i know you said not much money was raised off of this but it seems to be sort of an open space since it appears to be thousand hackers were seeking any compensation. what are you doing on that? >> any crypto currency is also a concern as we hope it doesn't end up being used for elicit behaifr yb behavior. it comes from our belief that the hackers hit targets that reported to us what they did about it.

the target seems to have reported that it mostly didn't pay. they weren't getting their computers unlocked so the others stopped paying. we are able to track the behavior. >> you would not have necessarily had visibility into how this was being abused or manipulated? >> it is a difficulty as a general matter. i'm not sure how we would have tracked that into this particular country. i'll have to get back on this. i will say that your last question is open. it is not about holding a countryaccountable. we determined who was behind the attack. it is pretty straightforward. we'll hold them accountable and we'll shame them for it. blep we will try to trust each other

more. >> that's not the policy right now. >> reporter: [ inaudible question ] >> i'm sorry? >> reporter: [ inaudible question ] >> i hope they decide to stop behaving badly online. i'm not naive. i think they will continue to deny and believe they are beyond repercussions. i think they will realize the president of the country and allies he rallied will bring them to change its behaivior. i think he has been clear on that and i'm glad he is our

president in that regard. >> reporter: can you say how the president initially interpreted these findings? did he have any doubts? secondly, senator lindsay gram soez there is a dlans the president will strike to test north korea. do you dispute gram's claims? >> i have no ability to put a percentage on those outcomes. it did you want se it doesn't seem productive for me to do so. >> so you talked about that when you guys share information back with companies rather than exploit the vulnerabilities? was it one of the 10% you guys had held onto? >> i think there's a case to be made for the tool that was used here being coupled together from

a number of different sources. the exploit is the tool, the bad tool but the urpdlike vulnerability predated and preexisted, i believe, you are administration is taking power. i don't know where they got it but they had a number of things coupled together in a tool meant to cause harm, they didn't entirely create themselves. we were able to look at where they got different parts and tied them together and where they did so. they used their trade craft and revealed their hand. >> reporter: one of the criticisms that came out was that the nsa chose -- [ inaudible question ]

we need to imply security measures. i think brad appreciates more and better what we hold onto. we have made it a transparent proce process. >> reporter: [ inaudible question ] >> it is something we rolled out. i'll tell you even the aclu complimented us -- >> reporter: [ inaudible question ] >> brad smith is standing with me on this. he will stand with me on television if you need him to.

brad has come out in this particular case and joined us in this attribution. i have absolutely no fear there's any wedge between us. >> reporter: you didn't really answer the question fully. >> i believe i did. let me tell you why i thought i did. i didn't mean to give you short shift. the reason i thought i answered it is because mr. sanger's question touched on the process. i'll go back. what brad was talking about was his belief that we were not adequately waiting the different equities in the process when we le held onto vulnerabilities. we have opened it. at the time he made the comments it was not an open process. >> so we are still holding onto tools? >> we hold onto about 10%.

>> how does it make the private industry feel comfortable if you're not providing 100%? >> we certainly didn't attack 150 countries and hundreds of thousands of computers. the north koreans took a vulnerability, mod if i hified deployed it. okay. last question. >> reporter: you said it's difficult to track. sarah told us a couple of weeks ago you were monitoring it. why are you monitoring it? what is the administration's position on this they operate if a way that there's great i think

what she plept to tell you is i track abdomen hon to this but another sing we want to mike sure they respect being wassed. p we don't have any negative or positive view on it. this new. >> thank you. >> i'll tell do you what, el gf you -- as for kurpt trips

housing is a major challenge. the governor has a large problem here as we move twor ward with this if. >> 65% is a significant milestone. we were hoping the to if. puerto rico is on my mind? okay. thank you. >> thank you. >> excuse me. the house administration committee meets today to consider a bill that would require house members and their staff to complete anti-harassment training each

session of congress. that's live at 12:15 p.m. eastern here on cspan 3. the house rules committee meets to consider a bill that would extend funding on january 19th. that's live starting at 3:00 p.m. eastern. sunday on c-span's q and a. >> i met him through my father who was a confidant to him. he liepged ked to party. he liked to have a drink or two. you couldn't ask for a more fun guy to be with. he was very serious about that and also someone who did not

take advice very well. he consequently said and did things that hurt the cause for some time. sunday night at 8:00 eastern. that's on c-span. in 1953 winston churchhill was awarded. up next we'll take a look at his career as a historian with andrew roberts. this is 50 minutes. ladies and gentlemen, we ended last year's conference with a presentation by andrew roberts. we know a winning when we see one. so this year