President Obama issued an executive order earlier this month declaring a national emergency to deal with malicious cyber-enabled activities originating outside of the U.S.
“I intend to employ the authorities of my office and this Administration, including diplomatic engagement, trade policy tools, and law enforcement mechanisms, to counter the threat posed by malicious cyber actors,” Obama said in a statement accompanying the executive order, issued April 2.
The order authorizes the secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, to impose sanctions on individuals and entities that he determines to be responsible for or complicit in malicious cyber-enabled activities that pose “a significant threat to the national security, foreign policy, economic health, or financial stability of the United States.”
Getting down to details
Specific activities targeted are:
• Harming the provision of services by entities in a critical infrastructure sector, which includes financial services.
• Significantly disrupting the availability of a computer or network of computers, including through a distributed denial-of-service attack.
• Misappropriating funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.
• Knowingly receiving or using trade secrets that were stolen by cyber-enabled means.
• Attempting, assisting, or providing related material support.
“Malicious cyber actors often rely on U.S. infrastructure to commit the acts described in the order, and they often use our financial institutions or partners to transfer their money. By sanctioning these actors, we can limit their access to the U.S. financial system and U.S. technology supply and infrastructure. Basically, sanctioning them can harm their ability to both commit these malicious acts and to profit from them,” a White House fact sheet says.
Reactions to the order
In response to the order, Secretary of the Treasury Jack Lew said: “The Treasury Department is committed to protecting the U.S. financial system from a range of state and nonstate actors. Today’s Executive Order allows us to expose and financially isolate those who hide in the shadows off the internet to conduct malicious cyber activities that threaten the national security, foreign policy, or economic health or financial stability of the United States.
“This authority is a powerful new tool to help protect our security and economy against those who would exploit the free, open, and global nature of the internet to cause harm. We intend to use this authority carefully and judiciously against the most serious cyber-threats to protect our nation’s critical infrastructure.”
ABA made this statement: “The executive order issued today sends a strong signal to cyber criminals and foreign entities that America is committed to fighting this increasing threat. U.S. businesses are committed to working with the government to help protect our critical infrastructure and the economic security of our country.”
- TD Bank Survey: Fraud Top of Mind, But Financial Institutions Lack Training
- How to Protect Sensitive Financial Data from Ransomware with Next-Gen Cloud Infrastructure
- Hack Attempts: BSA Officers Are Not immune
- Meeting the Threat in 2019: Cybersecurity for Financial Services
- Bank Fraud Case Exposed by Unusual Source