President Barack Obama has signed an executive order that gives the U.S. government the power to sanction suspected cyber-criminals with financial and travel restrictions amid high-profile hacks.
Obama has declared a state of ‘national emergency’ with regards to the nations cyber-security, and has used that as justification for the executive order.
Rt.com reports:
On the heels of attacks suffered by Sony Pictures Entertainment, Target and a seemingly ever-expanding list of other victims as of late, this Obama administration newest effort is intended to amplify the government’s ability to go after hackers and deter future online assaults that may otherwise have crippling effects. Coupled with the Department of Justice’s recent promise to ramp-up its ability to counter foreign cyber-criminals through the creation of a new threat integration center, the latest memo from the White House reveals yet another option in the administration’s growing toolkit with regards to its ability to tackle malicious actors who operate online. The language included in this week’s directive is already raising concerns, however, and could be broad enough to give the federal government unmatched new powers in the digital realm.
The “increasing prevalence and severity of malicious cyber-enabled activities” originating overseas is posing an “unusual and extraordinary threat” to America’s national security, foreign policy and economy, reads part of the 6-page executive order, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” published by the White House on Wednesday. Being able to restrict those resources of individuals thought responsible, according to the president, provides his administration with “a targeted tool for countering the most significant” threats to be waged against the nation’s critical infrastructure.
“This executive order supports the administration’s broader strategy by adding a new authority to combat the most serious malicious cyber-threats that we face,” the president said in a statement.
In an explanation published by the Treasury, the directive is described as “intended to address situations where, for jurisdictional or other issues, certain significant malicious cyber actors may be beyond the reach of other authorities available to the US government.”
Under the directive, the Departments of the Treasury, Justice and State may consult with one another and come up with a list of persons believed to be responsible for or complicit in cyberattacks waged against US networks determined by the administration to be detrimental enough to warrant a reaction, be it by restrictions of the financial or travel variety.
Not an April fools joke at all, President Obama declares a national emergency to deal with hackers: https://t.co/SBa6OG8BWK
— Rob Graham (@ErrataRob) April 1, 2015
“We’re giving notice to those who pose significant threats to our security or economy” —Obama: http://t.co/5ISaVdFxN0 pic.twitter.com/itjQAgN56f — The White House (@WhiteHouse) April 1, 2015
By freezing assets of those subject to sanctions and making it more difficult for them to do business with US entities, we can remove a powerful economic motivation for committing these acts in the first place,” Monaco said. “With this new tool, malicious cyber actors who would target our critical infrastructure or seek to take down Internet services would be subject to these costs when designated for sanctions.”
Officially, critical infrastructural components include vital systems and assets that could cause a debilitating impact on security, national economic security, national public health or safety and covers the communication, commercial and transportation sectors, among others, according to the Dept. of Homeland Security.
Sanctions for secret-spilling?
Given that the executive order authorizes action to be taken against entities accused of assisting “deliberate activities accomplished through unauthorized access to a computer system,” though, concerns have already gave way regarding the possible use of the directive to censor foreign news outlets depending on how their source material has been obtained. Marcy Wheeler, an independent national security reporter formerly with The Intercept, wrote on her blog on Wednesday that there is the possibility that the administration might use the executive order to target foreign entities that disclose secret documents if they happened to be acquired in a method the doesn’t cut the administration’s mustard.
Could this new EO be used against foreign media outlets that publish leaked documents? https://t.co/E8zRlJVDgW
— emptywheel (@emptywheel) April 1, 2015
Commander in chief of world’s most well-financed, out-of-control army of hackers introduces sanctions to punish others who hack.
— Christopher Soghoian (@csoghoian) April 1, 2015
For their role in the disclosures, Manning and Snowden have both been charged with espionage, with the former currently serving a 35-year prison sentence; Chicago hacktivist Jeremy Hammond is serving 10-years in prison for hacking a private intelligence company, Stratfor, and providing stolen company details to WikiLeaks; and several foreigners alleged to be operatives of Anonymous, the hacktivist movement Hammond acted with when he broke into Stratfor, remain wanted in the US for an array of attacks on government and corporate targets waged by the online collective.
One supposed former member of Anonymous from abroad who is still under indictment in the US for cyber-intrusions suffered by American entities jokingly told RT’s Andrew Blake they didn’t find fault with the administration’s latest offering, “as long as the rest of the world reserves the multilateral right to block, freeze, disrupt and appropriate all and any assets of the US government for its extensive, unilateral, unlawful and covert computer hacking activities in every country on the planet.”
‘Aimed at United States activists’?
Andrew “weev” Auernheimer, a 29-year-old computer hacker who was sentenced to prison for disclosing a security vulnerability that effected AT&T and Apple, added that the administration’s latest order may be ineffective given the realm in which cyber-actors operate today.
“This measure would have been something to pass in the nineties, when technologies for irreversible currency transactions didn’t exist,” Auernheimer told Blake. “As it stands, this is just going to hasten the advance of Bitcoin’s adoption by criminal enterprises. Courts cannot seize Bitcoin without seizing the keys, which are held in countries hostile to United States enforcement arms.”
“Obama’s administration continually attempts to give the impression they’re fighting foreign cyber-crime, but every single indictment seems to be aimed at United States activists. I was falsely imprisoned by the Obama administration and tortured for legitimate and lawful public criticisms of his corporate allies,” Auernheimer added. “Before passing more regulations, his administration should do their duty of making amends to me for the terroristic violence it performed upon me.” Auernheimer’s conviction for computer fraud was vacated by a federal appeals court in 2014.
Last month, John Carlin, chief of the Justice Department’s National Security Division, said that the Justice Dept. is ramping up its ability to track down suspected cyber-criminals through the establishment of a new agency, the Cyber Threat Intelligence Integration Center. Monaco, the president’s homeland security adviser, said that the new center will ensure “information is shared rapidly among existing cyber-centers and other elements within our government and supporting the work of operators and policy makers with timely intelligence about the latest cyber-threats and threat actors,” and “connect the dots” between cyber-threats “so that relevant departments and agencies are aware of these threats in as close to real time as possible.”