Obama authorises penalties for foreign cyber attackers
Wed 1 Apr 2015
President Barack Obama has today signed an executive order extending the U.S. administration’s power to respond to malicious cyberattacks and espionage campaigns. The order enforces financial sanctions on foreign hackers who action attacks against American businesses, institutions and citizens.
“Cyber threats pose one of the most serious economic and national security challenges to the United States, and my Administration is pursuing a comprehensive strategy to confront them,” said Obama in an official statement. “As we have seen in recent months, these threats can emanate from a range of sources and target our critical infrastructure, our companies, and our citizens. This Executive Order offers a targeted tool for countering the most significant cyber threats,” he continued.
The new legislation will enable the secretary of the Treasury, along with the attorney general and secretary of State, to inflict penalties on cybercriminals behind hacking attacks which “create a significant threat to U.S. national security, foreign policy or economic health or financial stability of the United States,” Obama said. Sanctions could include freezing of assets or a total ban on commercial trade.
The U.S. government has long expressed a need to tighten its control over response and punishment following cyberattacks – a desire encouraged by the Sony Pictures hack last November, which the country’s administration openly blamed on North Korea. In January, Obama processed another executive order directly linked to these attacks which specifically sanctions North Korean hackers.
The authorities will be limited to imposing the new sanctions solely in cases where the attacks are considered significant enough to warrant a penalty. Punishable attacks could include malicious security breaches of critical infrastructure, DDoS campaigns against computers and networks, or those that result in the “significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain,” reads a fact sheet published by the White House.
“I intend to employ the authorities of my office and this Administration, including diplomatic engagement, trade policy tools, and law enforcement mechanisms, to counter the threat posed by malicious cyber actors,” Obama said.
“This Executive Order supports the Administration’s broader strategy by adding a new authority to combat the most serious malicious cyber threats that we face.”