Menu
Obama cyberattacker sanctions raise due process, attribution concerns

Obama cyberattacker sanctions raise due process, attribution concerns

New financial sanctions announced by the White House target cyberattackers, but some question how agencies will identify targets

New U.S. government sanctions targeting the bank accounts of suspected cyberattackers raise questions about due process for people who feel they're wrongly accused and about how agencies will identify the source of attacks.

The new sanctions, announced by President Barack Obama's administration Wednesday, would allow the U.S. Department of the Treasury to freeze the funds held in U.S. banks of people and organizations suspected of engaging in malicious cyberattacks that pose a "significant threat to the national security, foreign policy, economic health, or financial stability" of the U.S., according to information released by the White House.

The Treasury Department, consulting with the Department of Justice and Department of State, could impose the sanctions if it has a "reasonable basis to believe" the targeted organization or person is engaging in the malicious attacks.

But attributing the source of cyberattacks is still difficult, and it's unclear what standard of proof the U.S. government will use to impose the new sanctions, some legal and cybersecurity experts said. In addition, the White House offered few details about how accused organizations can challenge the sanctions, critics said.

"What standard of proof are agencies going to use?" said Nick Akerman, a veteran lawyer focused on cybersecurity and privacy at law firm Dorsey and Whitney in New York City. "It's not always clear who the hackers are."

Akerman praised the Obama administration for calling cyberattacks a "national emergency," saying such recognition is long overdue, but he questioned how targeted groups will challenge the sanctions.

He also questioned how the Treasury Department and other agencies involved would determine an attack was serious enough to impose sanctions. "Are we just taking the word of the company that was hacked, or are they just going after a competitor overseas?" he said.

The new sanctions will be limited and will not be used to target free speech or interfere with an open Internet, Obama administration officials said during a press briefing Wednesday. "We very much intend this tool to be one that is targeted and judicious in its use," White House Cybersecurity Coordinator Michael Daniel said. "It's not one that we are expecting to use every day."

Affected organizations or people will be able to appeal the sanctions, added John Smith, acting director of the Treasury Department's Office of Foreign Assets Control. Targets of the sanctions can file an administrative appeal with Smith's office, or they can file a lawsuit in U.S. district court, he said.

The goal of the order appears to be targeting overseas criminal syndicates and "fraudsters," said Ken Westin, a security analyst at cybersecurity vendor Tripwire.

Implementing the sanctions will be challenging because of the difficulty attributing attacks, he added by email. "You may be able to identify from what country an attack is routed through, but identifying who is behind the keyboard or phone is a different story altogether," he said. "One of the reason cyberattacks and technology enabled fraud have been so prevalent is due to the ease of evading detection and relative anonymity that a number of tools available provide."

The order may help beef up U.S. cyberdefenses, but attributing the source of attacks is "not nearly as easy as it sounds", added Greg Foss, senior security engineer with LogRhythm, another cybersecurity vendor.

"It is trivial for hackers to pivot through other countries and misplace blame in order to create the illusion that an attack originated from a specific location," Foss added by email. "Malware can and will be created that contains false data, to shift culpability."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags governmentdata protectionBarack ObamaU.S. White HouseTripwireLogRhythmDorsey and WhitneyU.S. Department of the TreasuryMichael DanielKen WestinNick AkermanGreg FossJohn Smith

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments