WASHINGTON — President Barack Obama on Wednesday authorized a new U.S. government approach to deterring cyberattacks: financial sanctions against malicious overseas hackers and companies that knowingly benefit from the fruits of cyberespionage.
The latter category could include state-owned corporations in Russia, China and elsewhere, setting the stage for major diplomatic friction if the sanctions are employed in that way.
“Cyberthreats pose one of the most serious economic and national security challenges to the United States,” Obama said in a statement after signing an executive order creating the first sanctions program aimed at cyberattacks.
The order was the latest attempt by his administration to come up with options short of direct retaliation to deal with a growing cyberthreat coming from both nations and criminal groups. It gives the U.S. the authority to levy sanctions on individuals and companies, though no specific penalties were announced.
“We are excited about this new tool that will allow us to expose and isolate those behind malicious cyberactivity,” said John Smith, who directs the Treasury Department division that will administer the sanctions.
Obama said the sanctions would apply to those engaged in malicious cyberactivity that aims to harm critical infrastructure, damage computer systems and steal trade secrets or sensitive information. To be subject to sanctions, the hacking would have to be deemed to have harmed the national security or the economic health of the U.S.
The sanctions, which would name the targets, seize their U.S. funds and ban them from the American financial system, would also apply to “a corporation that knowingly profits from stolen trade secrets,” the White House said. U.S. intelligence and law enforcement officials have long possessed evidence that state-owned companies in China and elsewhere are complicit in economic cyberespionage that targets the intellectual property of Western companies, but they have largely been unable to act on it.
The administration has “really thought about how to make this painful to the beneficiaries,” of cyberspying, said James Lewis, a cyber expert with the Center for Strategic and International Studies. “They’ve gotten away with this for a long time, so making them suffer a little for stealing is a good idea.”
The announcement follows the Obama administration’s allegations that North Korea was behind last year’s cyberattack on Sony Pictures. The U.S. did sanction several North Korean individuals in retaliation for the Sony hack, but they were not targeted specifically for their role in that incident.
In February, James Clapper, the director of national intelligence, listed cyberattacks as the most pressing danger facing the country, and he said the cyberthreat from Russia “is more severe than we had previously assessed.”
U.S. officials have been warning of a growing cyberthreats for years. Major U.S. companies, including Target and Home Depot, have been the target of criminal hacking that put consumer information at risk.
Foreign intelligence services are probing and penetrating critical infrastructure, including U.S. power grids, so that they can inflict damage in the event of a conflict, American intelligence officials have said publicly.
They have also alleges that hackers based in Russia and China are engaging in a widespread pillaging of corporate trade secrets, some of it state-sponsored. Former National Security Agency director Keith Alexander has called that the greatest illicit transfer of wealth in history. China and Russia deny any role in the cyberthefts.
Last May, the Justice Department issued criminal indictments against five Chinese military hackers it accused of cyberespionage against U.S. corporations for economic advantage. FBI director James Comey said at the time the spying was to benefit Chinese companies, but he neither named the companies nor took formal action against them.
U.S. officials say they have gotten better at tracing the source of cyberattacks, a notoriously difficult thing to do, given that their origins can easily be disguised.
The sanctions are “a new powerful tool that we intend to use,” said John Carlin, assistant attorney general for national security, who said the government is applying lessons “learned in our battle against terrorists and proliferators.”
He added, “There is no free pass in the cyberarena.”