Obama cyberattacker sanctions raise due process, attribution concerns

New financial sanctions announced by the White House target cyberattackers, but some question how agencies will identify targets

New U.S. government sanctions targeting the bank accounts of suspected cyberattackers raise questions about due process for people who feel they're wrongly accused and about how agencies will identify the source of attacks.

The new sanctions, announced by President Barack Obama's administration Wednesday, would allow the U.S. Department of the Treasury to freeze the funds held in U.S. banks of people and organizations suspected of engaging in malicious cyberattacks that pose a "significant threat to the national security, foreign policy, economic health, or financial stability" of the U.S., according to information released by the White House.

The Treasury Department, consulting with the Department of Justice and Department of State, could impose the sanctions if it has a "reasonable basis to believe" the targeted organization or person is engaging in the malicious attacks.

But attributing the source of cyberattacks is still difficult, and it's unclear what standard of proof the U.S. government will use to impose the new sanctions, some legal and cybersecurity experts said. In addition, the White House offered few details about how accused organizations can challenge the sanctions, critics said.

"What standard of proof are agencies going to use?" said Nick Akerman, a veteran lawyer focused on cybersecurity and privacy at law firm Dorsey and Whitney in New York City. "It's not always clear who the hackers are."

Akerman praised the Obama administration for calling cyberattacks a "national emergency," saying such recognition is long overdue, but he questioned how targeted groups will challenge the sanctions.

He also questioned how the Treasury Department and other agencies involved would determine an attack was serious enough to impose sanctions. "Are we just taking the word of the company that was hacked, or are they just going after a competitor overseas?" he said.

The new sanctions will be limited and will not be used to target free speech or interfere with an open Internet, Obama administration officials said during a press briefing Wednesday. "We very much intend this tool to be one that is targeted and judicious in its use," White House Cybersecurity Coordinator Michael Daniel said. "It's not one that we are expecting to use every day."

Affected organizations or people will be able to appeal the sanctions, added John Smith, acting director of the Treasury Department's Office of Foreign Assets Control. Targets of the sanctions can file an administrative appeal with Smith's office, or they can file a lawsuit in U.S. district court, he said.

The goal of the order appears to be targeting overseas criminal syndicates and "fraudsters," said Ken Westin, a security analyst at cybersecurity vendor Tripwire.

Implementing the sanctions will be challenging because of the difficulty attributing attacks, he added by email. "You may be able to identify from what country an attack is routed through, but identifying who is behind the keyboard or phone is a different story altogether," he said. "One of the reason cyberattacks and technology enabled fraud have been so prevalent is due to the ease of evading detection and relative anonymity that a number of tools available provide."

The order may help beef up U.S. cyberdefenses, but attributing the source of attacks is "not nearly as easy as it sounds", added Greg Foss, senior security engineer with LogRhythm, another cybersecurity vendor.

"It is trivial for hackers to pivot through other countries and misplace blame in order to create the illusion that an attack originated from a specific location," Foss added by email. "Malware can and will be created that contains false data, to shift culpability."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Dorsey and WhitneyJohn SmithU.S. White HouseTripwiregovernmentBarack ObamaU.S. Department of the Treasurydata protectionLogRhythmNick AkermanKen WestinMichael DanielsecurityGreg Foss

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?