President Obama issued an executive order on April 1 that would allow the U.S. government to impose sanctions on foreign entities that engage in malicious cyber activities that create a significant threat to the United States.

Obama declared the increasing severity of malicious cyber attacks from entities outside the United States a national emergency, prompting the executive order.

The order authorizes the Secretary of the Treasury, in consultation with the Secretary of State and Attorney General, to impose sanctions when the activities are “likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States.”

“This Executive Order offers a targeted tool for countering the most significant cyber threats that we face,” Obama said in a statement accompanying the order.

Individuals or entities engaging in malicious cyber-enabled activities that can be sanctioned must meet one of several qualifications:

  • must have the purpose or effect of harming or significantly compromising the provision of services by a computer or network of computers that support one or more entities in a critical infrastructure sector;
  • significantly compromise the provision of services by one or more entities in a critical infrastructure sector;
  • significantly disrupt the availability of a computer or computer network; or
  • cause a significant misappropriation of funds, economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private gain.

The Treasury Secretary is also authorized to impose sanctions of entities that knowingly receive or use trade secrets stolen by cyber-enabled means for competitive advantage or private gain.

The stolen secrets must also be reasonably likely to result in or contribute to a significant threat to the national security, foreign policy, economic health, or financial stability of the United States. An example is when a corporation knowingly profits from stolen trade secrets.

The order is specifically meant to not be limited to those doing direct hacking. “Not just the hackers on the keyboard, but those that are bankrolling them and those that are supporting them and giving them their strategic direction for what to go do,” Michael Daniel, special assistant to the president and cybersecurity coordinator, said at a discussion at the Center for Strategic and International Studies on March 1.

Daniel highlighted that the sanctions tool will be targeted and judicious in use because in most cases diplomatic, law enforcement, and other standard tools will be applied first.

“So what this sanctions E.O. (executive order) is really designed to do is it is designed to fill in a gap that we have identified where individuals carrying out significant malicious cyber activity are located in places that it’s difficult for our diplomatic and law enforcement tools to reach,” Daniel said in a press call.

“We are putting in place the framework so that it’s available for us to respond, if we needed to rapidly, to an emerging cyber threat.  In the future, we will use this tool in a targeted and coordinated way against the worst of the worst, the most serious overseas malicious actors.”

No designations were announced with the executive order.

Individuals or entities sanctioned under this order would be barred from entry into the United States and could have their assets seized.