Responding to cyberattacks, Obama orders sanctions for foreign hackers

Foreign hackers who destroy or steal data from computer networks used by U.S. government or businesses could be slapped with U.S. economic or travel sanctions under a White House order announced Wednesday.

Companies that benefit from cyberattacks or espionage in the U.S. would also face punishing sanctions, U.S. officials said.

The move, authorized under an executive order signed by President Obama, is the latest government response to a recent string of costly cyberattacks launched from abroad against U.S. targets, including the destruction of computer systems at Sony Pictures last fall.

“We’re giving notice to those who pose significant threats to our security or economy by damaging our critical infrastructure, disrupting or hijacking our computer networks, or stealing the trade secrets of American companies or the personal information of American citizens for profit,” Obama said in a statement.

No specific individuals or companies were designated for sanctions under the order, officials said.

The White House is under pressure to dismantle criminal hacking rings and to punish countries and corporations that benefit from secrets siphoned out of American computer networks.

Under the executive order, Treasury officials can block travel and freeze bank accounts belonging to individual hackers working for themselves, on behalf of hostile countries, criminal organizations or foreign companies.

Before Obama’s order, the Treasury Department had authority only to sanction officials in a few countries, including North Korea and Iran, for launching cyberattacks.

“This allows us to target the activity itself wherever it arises,” John Smith, who heads the Treasury Department’s sanctions programs, told reporters.

Smith said the penalties are “not designed to police the Internet” or stifle free speech or innovation. He said sanctions would not be directed at news organizations that publish information from hacked systems, such as Edward Snowden’s handing reporters classified files he copied from the National Security Agency.

Under the executive order, American banks and companies would be forbidden from doing business with individuals on the sanctions list. Designated hackers would be denied entry to the U.S., and any U.S. assets in their names would be frozen.

The effect could be limited because few hackers in North Korea, China, Russia, Iran or other countries linked to cyberattacks are known to own homes or bank accounts in the U.S.

But U.S. officials who briefed reporters said many international banking transactions touch the U.S. financial system, even without the account holder’s knowledge.

Michael Daniel, Obama’s cybersecurity advisor, said the executive order gives Treasury investigators power to go after computer criminals in the same way they degrade drug cartels, terrorist networks and international criminal organizations.

“We know sanctions are not a cure-all for this particular threat, but it is an important tool to have,” Daniel said.

He suggested it might give pause to companies “that hire hackers to steal intellectual property.”

He said the White House hopes that other countries will follow with similar sanctions against computer criminals.

Cyberattacks have escalated sharply in the last year, causing hundreds of millions of dollars in damage.

Major U.S. banks have been infiltrated, millions of patient records were stolen from the health insurance company Anthem, Russian hackers infiltrated U.S. State Department computers, and Iranian hackers shut down computer systems run by Las Vegas Sands Corp. in Las Vegas.

As part of the administration response, the CIA announced last month that it would create a cyber directorate to improve its digital tradecraft and protecting secrets, for example.

In February, Obama ordered the Department of Homeland Security to develop security standards for crucial business networks and gave the department authority to share classified information with private companies about cyber threats.

Lawmakers in Congress are separately considering a bill that would protect companies from lawsuits if they share information with the federal government about attacks on company computers.

In January, the Treasury Department sanctioned 10 people and three North Korean government entities that have been key players in the country’s cyber offensives.

Officials said those penalties were in direct response to North Korea’s role in the hack of Sony Pictures computer systems, as well as threats made against theaters screening Sony’s film “The Interview,” a comedy about a supposed CIA plot to assassinate North Korean leader Kim Jong Un.

This year, Russian hackers infiltrated the State Department’s unclassified email system, requiring computer experts to completely rebuild the email system used by U.S. diplomats around the world.

Director of National Intelligence James R. Clapper told lawmakers in February that Russia is playing a growing role in cyberattacks against the U.S. government and American companies, in addition to hackers working for China, North Korea and Iran.

Follow me on Twitter @ByBrianBennett.