Modern field guide to security and privacy

Opinion: Sanctions may be Obama's best idea yet to battle cyberattacks

Obama signed an executive order today authorizing a program of sanctions to battle digital assaults coming from overseas. While the order seems aimed at the Chinese, it might also be the president's most successful tool for thwarting cyberattacks. 

|
Charles Dharapak/AP/File
Press materials displayed at the Justice Department in May 2014 before the announcement of charges against Chinese hackers in a cyberespionage case.

The White House announced today a new program of sanctions to combat the worst cyberattacks.

According to a blog by Lisa Monaco, President Obama's adviser for homeland security, the new executive order “authorizes the Secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, to sanction malicious cyber actors whose actions threaten the national security, foreign policy, or economic health or financial stability of the United States.”

Ms. Monaco was clear that sanctions are “not a tool that we will use every day” but just to “deter and disrupt the worst of the cyberthreats that we face.”

The White House move is best seen as the next shoe dropping after last year’s Department of Justice indictment of five Chinese military officers. They were indicted for stealing commercial secrets and with this new order, the president giving authority to target the Chinese companies that paid those officers to spy on their behalf.

It had been a mystery why the Justice Department took a relatively bold step to indict serving military officers on espionage charges, then fail to target the unindicted coconspirators or the Chinese state-owned enterprises that gained the actual commercial advantage. Likely, the administration was distracted by other priorities such as responding to the North Korean attack on Sony Pictures – a response that required China’s cooperation.

Sanctions are a much-needed step to vilify stealing commercial secrets, so that it is seen on par as payment by companies to corrupt officials, something that used to be widespread but is increasingly subject to strong negative norms.

Hopefully, the sanctions will include noneconomic penalties such as denying visas to executives who support the theft of commercial secrets, as well as to their spouses and children who want to study in US universities. Such targeted penalties affect those most responsible for the worst excesses without painting China guilty as an entire nation.

This new order from Mr. Obama will be seen correctly as a response to China’s commercial spying, however it is meant to help deter other attacks, too.

If the Iranians try a new chapter of attacking America’s finance sector, as they have in the past, not only is the US military likely to counterattack, now the Secretary of Treasury can authorize sanctions as well. 

The government can use sanctions against cyber actors who target US foreign policy – an interesting category and choice of words. This probably wasn’t meant to include WikiLeaks-style “malicious cyber actors” but future administrations might interpret this more broadly.

For this policy to succeed, American companies – and the government itself – will need to step forward with more information. The US government has not even named the Chinese companies that funded the military spies and few companies are willing to come forward to say they have been harmed by commercial espionage.

Other nations faced with Chinese espionage should follow suit with sanctions of their own, but even with diminished economic growth, China is still strong enough that most governments will continue to meekly complain behind closed doors and with open wallets.

When it comes to cybersecurity, the Obama administration has gone from success to success lately, including major policies on cyberthreat information sharing, a presidential summit on security in Silicon Valley, and a good-enough response to the Sony attack.

This new policy on sanctions is the most innovative, and perhaps is the only truly new idea to combat cyberattacks during the entire Obama presidency. It could easily be the most successful, so long as the Chinese (or Brazilians or Europeans) don’t sanction companies known to have helped the National Security Agency spy on them. 

Jason Healey is the Director of the Cyber Statecraft Initiative of the Atlantic Council and editor of the first history of cyberconflict, "A Fierce Domain: Cyber Conflict, 1986 to 2012." You can follow his thoughts and analysis on cyberissues at @Jason_Healey.

 

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Opinion: Sanctions may be Obama's best idea yet to battle cyberattacks
Read this article in
https://www.csmonitor.com/World/Passcode/Passcode-Voices/2015/0401/Opinion-Sanctions-may-be-Obama-s-best-idea-yet-to-battle-cyberattacks
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe