New U.S. sanctions treat hackers like terrorists

[www.inewsguyana.com] – President Barack Obama said Wednesday that the U.S. will now treat foreign hackers and cyber spies like terrorists and nuclear arms dealers.

He signed an executive order that would allow the U.S. to freeze their assets and bar them from entering the country.

The new powers would address a weakness in policy that has allowed a small number of bad cyber actors abroad to be sheltered from American authorities.

It is “broad brush … at the same time, it’s narrow,” said Michael Daniel, White House cybersecurity coordinator, during a press call with reporters.

He said the sanctions were meant to fill a policy gap in which “individuals carrying out significant malicious cyber activities are located in places where it’s difficult for our diplomatic or law enforcement tools to reach.”

The new powers will allow the U.S. to target any foreigner anywhere in the world, rather than relying on the legal basis of existing sanctions against a particular country. The financial sanctions placed on several North Korean officials following the Sony Pictures hack last year, for instance, were based on authority the president already had to sanction that country and its regime for previous proliferation activities.

The sanctions aren’t restricted to attacks on critical infrastructure — the 16 business sectors that the government regards as vital to the day-to-day functioning of the U.S., like the power grid, the banking and telecommunications systems and transit and water/sewage networks. They cover any attack that might pose “a significant threat to the national security, foreign policy, or economic health or financial stability of the U.S.,” including those on computer networks or involving theft of trade secrets, financial or personal information.

Assistant Attorney General for National Security John Carlin said the executive order will be especially powerful against those previously thought to be untouchable.

“I think we’ll absolutely look to hold accountable — and this will be another tool to do it — those companies that intentionally either hack themselves to steal intellectual property from American companies or hire or ask others to hack on their behalf and benefit from those ill-gotten trade secrets or intellectual property,” Carlin said.

Thus far, there has been no action against the companies named in last year’s indictment of five Chinese military hackers.

Nothing prevents the feds from applying the power announced Wednesday to past cases, Carlin acknowledged, noting that sanctions have followed criminal charges in cases involving terrorism and proliferation of weapons of mass destruction.

Carlin also said that the president’s executive order, issued under sanctions authorities granted the White House in the 1977 International Emergency Economic Powers Act, was a “significant action” in terms of elevating cybersecurity.

“I think designating malicious foreign cyber activities and putting that on the same frame that we do with terrorism and proliferators is a significant and important statement,” Carlin said. [Politico]