Obama announces hacker sanctions amid cyber-security ‘national emergency’

1 Apr, 2015 18:15

An executive order signed by President Barack Obama gives the United States government the go-ahead to sanction suspected cyber-criminals with financial and travel restrictions amid a wave of high-profile hacks.

Citing the surge of assaults against the computer networks of US entities in recent months, Pres. Obama said Wednesday that he has declared a “national emergency” and accordingly authorized the US Treasury Department to sanction suspected hackers operating abroad in an effort to discourage future cyber-assaults.

On the heels of attacks suffered by Sony Pictures Entertainment, Target and a seemingly ever-expanding list of other victims as of late, the Obama administration’s newest effort is intended to amplify the government’s ability to go after hackers and deter future online assaults that may otherwise have crippling effects. Coupled with the Department of Justice’s recent promise to ramp up its ability to counter foreign cyber-criminals through the creation of a new threat integration center, the latest memo from the White House reveals yet another option in the administration’s growing toolkit with regard to its ability to tackle malicious actors who operate online. The language included in this week’s directive is already raising concerns, however, and could be broad enough to give the federal government unmatched new powers in the digital realm.

The “increasing prevalence and severity of malicious cyber-enabled activities” originating overseas is posing an “unusual and extraordinary threat” to America’s national security, foreign policy and economy, reads part of the 6-page executive order, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” published by the White House on Wednesday. Being able to restrict the resources of individuals thought responsible, according to the president, provides his administration with “a targeted tool for countering the most significant” threats to be waged against the nation’s critical infrastructure.

“This executive order supports the administration’s broader strategy by adding a new authority to combat the most serious malicious cyber-threats that we face,” the president said in a statement.

In an explanation published by the Treasury, the directive is described as “intended to address situations where, for jurisdictional or other issues, certain significant malicious cyber actors may be beyond the reach of other authorities available to the US government.”

Under the directive, the Departments of the Treasury, Justice and State may consult with one another and come up with a list of persons believed to be responsible for or complicit in cyberattacks waged against US networks determined by the administration to be detrimental enough to warrant a reaction, be it by restrictions of the financial or travel variety.

Not an April fools joke at all, President Obama declares a national emergency to deal with hackers: https://t.co/SBa6OG8BWK

— Rob Graham (@ErrataRob) April 1, 2015

Specifically, the order says an individual can be sanctioned if the government believes them to be involved in a cyberattack that harms, compromises or disrupts a computer network integral to critical US infrastructure. Also subject to sanctions, however, are any persons purported to have electronically pilfered or otherwise intercepted trade secrets or financial information with the intent of achieving monetary gain.

“No one connected to the internet is immune from these harms – not businesses, not private citizens and not the government,” Lisa Monaco, the homeland security adviser to the president, said of the threats posed by hackers in a statement this week. “Moreover, the implications of these harms are as real as they are complex – everyone can feel the effects of malicious cyber-activity, from the consumer who is forced to deal with the consequences of a data breach affecting a business with whom he or she deals, to the company whose trade secret is stolen by faraway competitors.”

"We’re giving notice to those who pose significant threats to our security or economy" —Obama: http://t.co/5ISaVdFxN0 pic.twitter.com/itjQAgN56f

— The White House (@WhiteHouse) April 1, 2015

“By freezing assets of those subject to sanctions and making it more difficult for them to do business with US entities, we can remove a powerful economic motivation for committing these acts in the first place,” Monaco said. “With this new tool, malicious cyber actors who would target our critical infrastructure or seek to take down Internet services would be subject to these costs when designated for sanctions.”

Officially, critical infrastructural components include vital systems and assets that could cause a debilitating impact on security, national economic security, national public health or safety, and cover the communication, commercial and transportation sectors, among others, according to the Dept. of Homeland Security.

Sanctions for secret-spilling?

Given that the executive order authorizes action to be taken against entities accused of assisting “deliberate activities accomplished through unauthorized access to a computer system,” though, concerns have already arisen regarding the possible use of the directive to censor foreign news outlets depending on how their source material has been obtained. Marcy Wheeler, an independent national security reporter formerly with The Intercept, wrote on her blog on Wednesday that there is the possibility that the administration might use the executive order to target foreign entities that disclose secret documents if they happened to be acquired by a method that doesn’t cut the administration’s mustard.

Could this new EO be used against foreign media outlets that publish leaked documents? https://t.co/E8zRlJVDgW

— emptywheel (@emptywheel) April 1, 2015

According to the Treasury, “malicious cyber-enabled activities” as described in the president’s order include “deliberate activities accomplished through unauthorized access to a computer system, including by remote access; circumventing one or more protection measures, including by bypassing a firewall or compromising the security of hardware or software in the supply chain.”

“Does WikiLeaks’ publication of secret Trans-Pacific Partnership negotiations qualify? Does Guardian’s publication of contractors’ involvement in NSA hacking?” Wheeler asked.

Indeed, the Treasury said this week that the order “is tailored to address cyber-enabled activities that are reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy or economic health or financial stability of the United States.

“As this language indicates, it is intended to counter the most significant cyber-threats that we face, whether they target our critical infrastructure, our companies, our citizens or our economic health or financial stability,” the Treasury said.

Previously, though, lawmakers have blamed WikiLeaks, the infamous secret-spilling organization, for being a danger to national security, especially after it published State Dept. and Pentagon documents taken by a US Army intelligence analyst, Chelsea Manning, and successfully lobbied PayPal, Visa and MasterCard to stop processing donations to the anti-secrecy group. Last December, attorneys for the credit card processor used by WikiLeaks filed a lawsuit over what the blockade.

The Intercept, the Guardian and other publications with staff composed of US and non-US citizens alike have referenced classified US National Security Agency files provided by NSA contractor-turned-leaker Edward Snowden, and those disclosures have not only been detrimental to counterterrorism measures, according to administration officials, but have also exposed the US government’s own reliance on tactics now considered sanction-worthy, as of this week’s executive order. According to government documents provided by Snowden, the NSA has physically and remotely broken into computer systems to eavesdrop on intelligence targets and has routinely led efforts to compromise the security of major tech manufacturers’ products.

Commander in chief of world's most well-financed, out-of-control army of hackers introduces sanctions to punish others who hack.

— Christopher Soghoian (@csoghoian) April 1, 2015

For their role in the disclosures, Manning and Snowden have both been charged with espionage, with the former currently serving a 35-year prison sentence; Chicago hacktivist Jeremy Hammond is serving 10 years in prison for hacking a private intelligence company, Stratfor, and providing stolen company details to WikiLeaks; and several foreigners alleged to be operatives of Anonymous, the hacktivist movement Hammond acted with when he broke into Stratfor, remain wanted in the US for an array of attacks on government and corporate targets waged by the online collective.

One supposed former member of Anonymous from abroad who is still under indictment in the US for cyber-intrusions suffered by American entities jokingly told RT’s Andrew Blake they didn’t find fault with the administration’s latest offering, “as long as the rest of the world reserves the multilateral right to block, freeze, disrupt and appropriate all and any assets of the US government for its extensive, unilateral, unlawful and covert computer hacking activities in every country on the planet.”

'Aimed at United States activists'?

Andrew “weev” Auernheimer, a 29-year-old computer hacker who was sentenced to prison for disclosing a security vulnerability that affected AT&T and Apple, added that the administration’s latest order may be ineffective given the realm in which cyber-actors operate today.

“This measure would have been something to pass in the nineties, when technologies for irreversible currency transactions didn't exist,” Auernheimer told Blake. “As it stands, this is just going to hasten the advance of Bitcoin's adoption by criminal enterprises. Courts cannot seize Bitcoin without seizing the keys, which are held in countries hostile to United States enforcement arms.”

“Obama's administration continually attempts to give the impression they're fighting foreign cyber-crime, but every single indictment seems to be aimed at United States activists. I was falsely imprisoned by the Obama administration and tortured for legitimate and lawful public criticisms of his corporate allies,” Auernheimer added. “Before passing more regulations, his administration should do their duty of making amends to me for the terroristic violence it performed upon me.” Auernheimer's conviction for computer fraud was vacated by a federal appeals court in 2014.

Last month, John Carlin, chief of the Justice Department’s National Security Division, said that the Justice Dept. is ramping up its ability to track down suspected cyber-criminals through the establishment of a new agency, the Cyber Threat Intelligence Integration Center. Monaco, the president’s homeland security adviser, said that the new center will ensure “information is shared rapidly among existing cyber-centers and other elements within our government and supporting the work of operators and policy makers with timely intelligence about the latest cyber-threats and threat actors,” and “connect the dots” between cyber-threats “so that relevant departments and agencies are aware of these threats in as close to real time as possible.”