Obama’s Welcome Cyber Sanctions Plan Is Worth Expanding

On April 1, U.S. President Barack Obama signed an executive order expanding Washington’s ability to deter cyberattacks, by empowering the government to apply financial sanctions on hackers and companies overseas that benefit from cyber-espionage. The directive authorizes the secretary of the treasury, in consultation with the attorney general and secretary of state, to impose sanctions on individuals and entities that he determines are responsible for, or complicit in, malicious cyber-enabled activities that may constitute a threat to U.S. national security, foreign policy, economic health or financial stability. The measure was no April Fool’s Day joke. Indeed, it reflects a move by the U.S. to tap its traditional—that is, non-cyber—sources of power in order to promote security in cyberspace. For beleaguered systems administrators and cybersecurity professionals, the move, which represents yet another brick in the foundation of a deterrent posture, is cause for celebration.

The available sanctions are limited, but essentially enable the Treasury Department to freeze assets within U.S. reach of those entities that Treasury Secretary Jacob Lew deems a threat to national interests. Lew may also sanction entities that receive or use secrets and information misappropriated by cyber means and prohibit the entry into the United States of individuals associated with them. While such sanctions would not likely prevent or appreciably affect state-sponsored campaigns, such as China’s ongoing espionage efforts and recent attacks on anti-censorship organizations or North Korea’s coercive raids on Sony, they have the potential to affect criminal organizations, which historically account for a vast number of cyberattacks. …

This article is available on subscription at World Politics Review http://www.worldpoliticsreview.com/articles/15480/obama-s-welcome-cyber-sanctions-plan-is-worth-expanding

Partner & Fellow Blogs