Obama signs bill to allow sanctions be placed on 'malicious' hackers

Taking dead aim at "malicious cyber attackers", President Obama today signed into law a bill that will allow those who target US companies for things like DDoS attacks to have sanctions imposed upon them. In announcing the bill, Homeland Security and Counterterrorism chief Lisa Monaco said "by freezing assets of those subject to sanctions and making it more difficult for them to do business with U.S. entities, we can remove a powerful economic motivation for committing these acts in the first place".

In a statement, Monaco went on to say "malicious cyber activity — whether it be stealing sensitive information, including personal identifiers, or trade secrets — is often profit-motivated. Because those responsible want to enjoy the ill-gotten proceeds of their activities, sanctions can have a significant impact."

When a company like Target or Home Depot suffers an attack in the future, those found guilty (if anyone is) may see assets frozen, as well as other sanctions that would make it difficult to do business with domestic entities. Often, stolen information is sold on a black market website specifically dealing in that kind of information transfer.

Specifically, the language of the bill gives the Secretary of the Treasury, along with the Attorney General and Secretary of State, the right to "sanction malicious cyber actors whose actions threaten the national security, foreign policy, or economic health or financial stability of the United States." While security and foreign policy are likely a little more cut-and-dry, language regarding "economic health or financial stability" gives the Government a bit more wiggle room.

In the announcement, Monaco said it wasn't going to be an everyday occurrence, these sanctions. They're meant for the "most significant" attackers.

Source: The White House