Summary:Sanctions will hit cyber criminals where it hurts - in the pocket, says the White House
The White House has set out plans to use economic sanctions against cyber attackers and companies that benefit from the online theft of secrets.
An executive order signed today authorises a set of new sanctions against individuals or groups whose cyber attacks result in significant threats to US national security or economic health.
China is backing away from US tech brands for state purchases as NSA revelations continue to make headlines in newspapers all around the world.
It gives authorities the power to freeze assets, and also allows sanctions to be applied against companies that knowingly use stolen trade secrets.
The wording of the President's executive order certainly adds an element of drama, stating that "the increasing prevalence and severity of malicious cyber-enabled activities" pose an "unusual and extraordinary threat" to the national security, foreign policy, and economy of the US.
"I hereby declare a national emergency to deal with this threat," said President Barack Obama in the order.
Obama said digital attacks have targeted US businesses to steal trade secrets, and warned that hackers in China and Russia have targeted US defence contractors and systems, while Iranian hackers have targeted American banks.
Writing on Medium he said: "Networks that control much of our critical infrastructure - including our financial systems and power grids - are probed for vulnerabilities by foreign governments and criminals."
But he said it is often hard to pursue attackers either because of weak or poorly-enforced foreign laws, or because some governments are either unwilling or unable to crack down on those responsible.
Special Feature
Why do many boards leave IT security primarily to security technicians, and why can’t techies convince their boards to spend scarce cash on protecting stakeholder information? We offer guidance on how to close the IT security governance gap.
Obama said the primary focus will be on attackers from outside the US, and while diplomacy and law-enforcement tools will still be the most effective response, "targeted sanctions, used judiciously, will give us a new and powerful way to go after the worst of the worst".
White House homeland security adviser Lisa Monaco said there had been a significant increase in the frequency, scale and sophistication of cyber incidents targeting the US in the past year.
She said as this type of crime - stealing sensitive information or trade secrets - is often profit-motivated, sanctions can be effective because it stops criminals enjoying "the ill-gotten proceeds of their activities".
She added: "By freezing assets of those subject to sanctions and making it more difficult for them to do business with US entities, we can remove a powerful economic motivation for committing these acts in the first place."
In reality, it's incredibly hard to isolate individuals responsible for cyber attacks - especially when it comes to industrial espionage, where attacks may take place over months and years, and even harder to prove that a company has benefited from such an attack.
No comments:
Post a Comment