The U.S. Government Wields Sanctions as the New Tool to Deter Cyber Bullies

By CIOReview | Thursday, April 2, 2015
894
1411
290

FREMONT, CA: In the wake of sophisticated cyber attacks targeting big U.S. companies – like Sony – and other critical infrastructure and citizens of the U.S., President Barack Obama has issued an ‘Executive Order’ to punish bad actors through sanctions besides keeping the window open for dealing with cybersecurity related issues through diplomacy, law enforcement, and cooperation with other governments and private sector.

The President has been more vocal of late about the cyber attacks such as in the case of email hacking of top tier Sony executives. An Executive Order was signed in January this year authorizing additional sanctions on the Democratic People’s Republic of Korea (DPRK).

The new Executive Order is aimed at securing U.S. interests including: national security, foreign policy, economic health, financial stability, and personal information of the U.S. citizens. As online attacks on banks, businesses, and technological infrastructure – such as the recent DDoS attack on GitHub – in the U.S. are trending unabatedly, the U.S. tends to wield a stronger stick to beat the cyber bullies.

How does the New Executive Order Help?
The U.S. government will now freeze the assets of those who are found to be directly involved as well as those who abet cyber attacks against the U.S. interests. Sanctions will be leveled on the individuals and entities which are involved or complicit in malicious attacks.

“I’m for the first time authorizing targeted sanctions against individuals or entities whose actions in cyberspace result in significant threats to the national security, foreign policy, economic health or financial stability of the United States,” Barack Obama, the President of the U.S.

Scenarios for Sanctions
The sanctions can be authorized on individuals and entities who indulge in or complicit in: compromising the critical U.S. infrastructure sector; attacking private U.S. companies; stealing the trade secrets of the U.S. companies as well as personal information of the U.S. citizens; knowingly using the stolen trade secrets of the U.S. organizations; attacking the computing infrastructure; misappropriating funds or economic resources  or financial information to remain competitive or for private financial gain.

The sanctions however are not applicable for those cyber victims who have been used as botnets in DDoS attacks. Exemptions are also in place for cybersecurity research community or professionals who are striving to make the make the networks safer.