Executive Order Blocks Property of those Engaging in Significant Malicious Cyber-Enabled Activities

Using financial sanction tools previously used for terrorists and rogue criminal states, the White House on April 1, 2015 declared a national emergency and issued a powerful Executive Order enabling the freezing of US-based assets of foreign cyberattackers.

Citing the increased prevalence and severity of malicious cyber-enabled activities originating from foreign sources as “an unusual and extraordinary threat” to the nation, the Executive Order gives the Executive Branch unprecedented new authority to respond to cyberattacks such as the Sony hack — although the White House has declined to indicate whether the Sony hack would have qualified for the exercise of these new powers. The White House indicated that the Executive Order “is specifically designed to be used to go after the most significant malicious cyber actors we face. It is not a tool that we will use every day.”

The Executive Order enables the Secretary of Treasury, in consultation with the Attorney General and the Secretary of State, to freeze the assets of any individual or entity deemed to be responsible or complicit in “cyber-enabled activities” originating outside the United States that are a significant threat to the national security, foreign policy, or economic health or financial stability of the nation. It will be used to issue financial sanctions against cybercriminals who impact computers or networks in the critical infrastructure sectors; cause “a significant disruption to the availability of a computer or network of computers”; or cause “a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or financial gain.” The Executive Order also allows the issuance of sanctions against businesses or organizations that lend aid to hackers or benefit from hacking or cyber-spying.

The Executive Order permits sanctions to be levied in the United States against individuals and organizations wherever they may be located in the world, whereas previous sanctions have been limited to particular countries that harbor and support cybercriminals.

The White House took today’s actions pursuant to the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), the National Emergencies Act (50 U.S.C. 1601 et seq.) (NEA), Section 212(f) of the Immigration and Nationality Act of 1952 (8 U.S.C. 1182(f)) (INA), and Section 301 of Title 3, United States Code. The Executive Order can be reviewed here and a blog post answering FAQs can be accessed here.