Obama un­veils pro­gram to guard against hack­ers


Pres­i­dent Barack Obama on Wed­nes­day or­dered a new sanc­tions pro­gram that could block as­sets of U.S. and for­eign hack­ers and of com­pa­nies that seek to profit from cy­ber­at­tacks.

Obama said the threat from cy­ber­at­tacks was a “na­tional emer­gency” and that the sanc­tions could help strike back against those in­volved in at­tacks on U.S. tar­gets.

“Start­ing to­day, we’re giv­ing no­tice to those who pose sig­nif­i­cant threats to our se­cu­rity or econ­omy by dam­ag­ing our crit­i­cal in­fra­struc­ture, dis­rupt­ing or hi­jack­ing our com­puter net­works, or steal­ing the trade se­crets of Amer­i­can com­pa­nies or the per­sonal in­for­ma­tion of Amer­i­can cit­i­zens for profit,” Obama said in a blog post on the Medium web­site.

He added that cy­ber threats “pose one of the most se­ri­ous eco­nomic and na­tional se­cu­rity chal­lenges to the United States,” and that the sanc­tions will take aim both at hack­ers and “against com­pa­nies that know­ingly use stolen trade se­crets to un­der­mine our na­tion’s eco­nomic health.”

Obama said in his state­ment that hack­ers in China, Rus­sia and Iran were among those at­tack­ing U.S. tar­gets and added that “it’s of­ten hard to go af­ter bad ac­tors, in part be­cause of weak or poorly en­forced for­eign laws, or be­cause some gov­ern­ments are ei­ther un­will­ing or un­able to crack down on those re­spon­si­ble.”

The an­nounce­ment comes af­ter an epi­demic of in­ci­dents re­ported in re­cent months, in­clud­ing a dev­as­tat­ing attack against Sony Pic­tures, and data breaches that stole credit card or health data on tens of mil­lions of Amer­i­cans.

Cost­ing US Jobs

Un­der the or­der, the U.S. Trea­sury would be able to freeze or block as­sets of those in­volved in at­tacks on “crit­i­cal” U.S. com­puter net­works, such as bank­ing sys­tems or elec­tric power, or the theft of data such as credit card in­for­ma­tion, and of com­pa­nies that profit from such at­tacks.

“Cy­ber in­tru­sions and at­tacks — many of them orig­i­nat­ing over­seas — are tar­get­ing our busi­nesses, steal­ing trade se­crets, and cost­ing Amer­i­can jobs. Ira­nian hack­ers have tar­geted Amer­i­can banks,” Obama said.

“The North Korean cy­ber­at­tack on Sony Pic­tures de­stroyed data and dis­abled thou­sands of com­put­ers. In other re­cent breaches that have made head­lines, more than 100 mil­lion Amer­i­cans had their per­sonal data com­pro­mised, in­clud­ing credit card and med­i­cal in­for­ma­tion.”

The ex­ec­u­tive or­der al­lows the Trea­sury and At­tor­ney Gen­eral’s of­fice to im­pose sanc­tions on hack­ers pos­ing “a sig­nif­i­cant threat to the na­tional se­cu­rity, for­eign pol­icy, or eco­nomic health or fi­nan­cial sta­bil­ity of the United States.”

This could re­spond to so-called dis­trib­uted de­nial-of-ser­vice at­tacks, theft of trade se­crets or credit card num­bers or other “sen­si­tive in­for­ma­tion,” ac­cord­ing to a White House state­ment.

Sanc­tions could also be im­posed on com­pa­nies that use trade se­crets or other stolen data or as­sist hack­ers in their ef­forts.

Of­fi­cials said there were no im­me­di­ate plans to use th­ese sanc­tions but that the ad­di­tional tool would bol­ster U.S. ef­forts us­ing law en­force­ment, diplo­macy or mil­i­tary ac­tions.

“We in­tend to use this tool ju­di­ciously and in ex­tra­or­di­nary cir­cum­stances,” said John Smith of the Trea­sury’s Of­fice of For­eign As­sets Con­trol, which ad­min­is­ters sanc­tions.

Obama said the new sanc­tions would “in no way tar­get the un­wit­ting vic­tims of cy­ber­at­tacks,” such as peo­ple whose com­put­ers are hi­jacked, and that the pro­gram would not be used against cy­ber­se­cu­rity re­searchers or to curb free­dom of on­line ex­pres­sion.

The sanc­tions are “not a tool that we will use ev­ery day,” U.S. home­land se­cu­rity ad­viser Lisa Monaco said, adding that “lawabid­ing com­pa­nies have ab­so­lutely noth­ing to worry about.”

Un­in­tended Con­se­quences?

Some pri­vacy ac­tivists ques­tioned the broad lan­guage in the or­der, say­ing it could have un­fore­seen im­pacts.

The or­der could be in­ter­preted to tar­get in­ves­tiga­tive re­porters, said Marcy Wheeler on the pri­vacy blog Empty Wheel.

“Does Wik­iLeaks’ pub­li­ca­tion of se­cret Trans-Pa­cific Part­ner­ship ne­go­ti­a­tions qual­ify? Does Guardian’s pub­li­ca­tion of con­trac­tors’ in­volve­ment in NSA hack­ing?” she wrote.

Newspapers in English

Newspapers from Taiwan

© PressReader. All rights reserved.