Menu
Obama cyberattacker sanctions raise due process, attribution concerns

Obama cyberattacker sanctions raise due process, attribution concerns

New financial sanctions announced by the White House target cyberattackers, but some question how agencies will identify targets

New U.S. government sanctions targeting the bank accounts of suspected cyberattackers raise questions about due process for people who feel they're wrongly accused and about how agencies will identify the source of attacks.

The new sanctions, announced by President Barack Obama's administration Wednesday, would allow the U.S. Department of the Treasury to freeze the funds held in U.S. banks of people and organizations suspected of engaging in malicious cyberattacks that pose a "significant threat to the national security, foreign policy, economic health, or financial stability" of the U.S., according to information released by the White House.

The Treasury Department, consulting with the Department of Justice and Department of State, could impose the sanctions if it has a "reasonable basis to believe" the targeted organization or person is engaging in the malicious attacks.

But attributing the source of cyberattacks is still difficult, and it's unclear what standard of proof the U.S. government will use to impose the new sanctions, some legal and cybersecurity experts said. In addition, the White House offered few details about how accused organizations can challenge the sanctions, critics said.

"What standard of proof are agencies going to use?" said Nick Akerman, a veteran lawyer focused on cybersecurity and privacy at law firm Dorsey and Whitney in New York City. "It's not always clear who the hackers are."

Akerman praised the Obama administration for calling cyberattacks a "national emergency," saying such recognition is long overdue, but he questioned how targeted groups will challenge the sanctions.

He also questioned how the Treasury Department and other agencies involved would determine an attack was serious enough to impose sanctions. "Are we just taking the word of the company that was hacked, or are they just going after a competitor overseas?" he said.

The new sanctions will be limited and will not be used to target free speech or interfere with an open Internet, Obama administration officials said during a press briefing Wednesday. "We very much intend this tool to be one that is targeted and judicious in its use," White House Cybersecurity Coordinator Michael Daniel said. "It's not one that we are expecting to use every day."

Affected organizations or people will be able to appeal the sanctions, added John Smith, acting director of the Treasury Department's Office of Foreign Assets Control. Targets of the sanctions can file an administrative appeal with Smith's office, or they can file a lawsuit in U.S. district court, he said.

The goal of the order appears to be targeting overseas criminal syndicates and "fraudsters," said Ken Westin, a security analyst at cybersecurity vendor Tripwire.

Implementing the sanctions will be challenging because of the difficulty attributing attacks, he added by email. "You may be able to identify from what country an attack is routed through, but identifying who is behind the keyboard or phone is a different story altogether," he said. "One of the reason cyberattacks and technology enabled fraud have been so prevalent is due to the ease of evading detection and relative anonymity that a number of tools available provide."

The order may help beef up U.S. cyberdefenses, but attributing the source of attacks is "not nearly as easy as it sounds", added Greg Foss, senior security engineer with LogRhythm, another cybersecurity vendor.

"It is trivial for hackers to pivot through other countries and misplace blame in order to create the illusion that an attack originated from a specific location," Foss added by email. "Malware can and will be created that contains false data, to shift culpability."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Dorsey and WhitneyJohn SmithU.S. White HouseTripwiregovernmentBarack ObamaU.S. Department of the Treasurydata protectionLogRhythmNick AkermanKen WestinMichael DanielsecurityGreg Foss

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments