President Obama has issued an executive order that aims to combat “malicious cyber-enabled activities” executed wholly, or in “substantial part,” by foreign attackers targeting the United States.
On Wednesday, the President detailed a new sanctions program which authorizes government officials to sanction threat actors posing a significant threat to the nation's safety or economy.
“I hereby declare a national emergency to deal with this threat,” Obama wrote in the Executive Order.
Specifically, the sanctions would apply to “any person determined by the Secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, to be responsible for or complicit in, or to have engaged in, directly or indirectly, cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States that are reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States,” the order said.
Individuals who have harmed or significantly compromised a computer (or network of computers) that support one or more entities in the critical infrastructure sector are among those who could blocked from financial dealings with the U.S., the order declared, as well as foreign attackers that cause a “significant misappropriation” of funds or economic resources, financial data, trade secrets or personal identifiers.
In response to the new executive order, Lisa Monaco, a U.S. Homeland Security and counterterrorism advisor to the President, said in a White House blog post that cyber threats, such as the ones detailed in the order, “are at the top of the President's list of security concerns."
“In just the past year, we have seen a significant increase in the frequency, scale, and sophistication of cyber incidents targeting the American people, including everything from large data breaches and significant intrusions to destructive and coercive cyber attacks intended to influence the way ordinary Americans exercise their constitutional rights,” Monaco said. “In many cases, these threats stem from actors overseas using malicious cyber activities to inflict harm on Americans without ever leaving their desks.”
The new sanctions program comes just three months after the White House imposed additional sanctions against North Korea, in a rare move, due to the country being deemed the perpetrator of the major cyber attack against Sony Pictures Entertainment in late 2014. Despite the FBI and White House's conclusion that the country was behind the attack, which included the use of data-wiping malware and the leak of sensitive data, including Sony executives' emails, a faction of individuals in the security community expressed, and continue to voice, their doubts in the North Korea attribution theory.
In an apparent effort to calm impending concern about the new sanctions program – particularly the impact it could have on the IT security community and enterprises – Monaco wrote that the executive order was “specifically designed to be used to go after the most significant malicious cyber actors" targeting the U.S.
“It is not a tool that we will use every day," Monaco continued. "Law-abiding companies have absolutely nothing to worry about; for them, it's business as usual. We will never use it to try to silence free expression online or curb Internet freedom. Nor will this authority be used to go after legitimate cybersecurity researchers or innocent victims whose computers are compromised. It is designed to be used in conjunction with our other authorities — including law enforcement and diplomatic efforts — to help deter and disrupt the worst of the cyber threats that we face."