US weighs sanctioning China and Russia in response to recent cyber attacks

The Obama administration weighs sanctioning China and Russia in response to recent cyber attacks who have exposed sensitive data of the US Govt and US firms.

The US Government is considering sanctions against both Russian and Chinese hackers in response to the hacking campaign targeting US entities.

The news was reported by several U.S. officials yesterday who spoke on condition of anonymity. The Obama administration was already considering to punish hackers and organizations targeting US entities, recently it proposed sanctions for Chinese hackers and individuals and firms from other nations responsible for cyber attacks against American commercial companies. However, this is the first time that US official explicitly refer the Russia.

“Done in tandem with other diplomatic pressure, law enforcement, military, intelligence, then you can actually start to impose costs and indicate that there are costs to the bilateral relationship,” an official told the Washington Post.

The U.S. government has not yet decided whether to issue these sanctions, but it seems a question of time despite the White House spokesman Josh Earnest declined to confirm the United States was near to apply the sanctions against Chinese entities.

“It would be strategically unwise for us to discuss potential sanctions targets because that would only give the potential targets of sanctions the opportunity to take steps that would allow them to evade those sanctions,” he told.

“The United States, as we all know, has sharp disagreements with China over its actions in cyber space,” State Department spokesman Mark Toner told reporters on Monday. “We have remained deeply concerned about Chinese government-sponsored cyber-enabled theft of confidential business information and proprietary technology from U.S. companies,” he added at his daily briefing.

The US government suffered several major cyber attacks recently, including the recent hack of the Office of Personnel Management (OPM) and the network at the White House. In August, the New York Times published an article saying that the president of the United States, Barack Obama took the decision to retaliate against China, after the famous hack of the OPM, leaving in the wild over 20 million personal records.

In April, the President Barack Obama has signed an executive order that uses economic restrictions to “control” anyone that is trying to attack any American interests.

This means that if the US authorities identify an entity (person or group) that is threatening the US infrastructure and which is responsible for a security breach, then all its assets can be frozen, including bank accounts, if these assets are located in the US soil.

“Starting today, we’re giving notice to those who pose significant threats to our security or economy by damaging our critical infrastructure, disrupting or hijacking our computer networks, or stealing the trade secrets of American companies or the personal information of American citizens for profit,” said the president Obama. “From now on, we have the power to freeze their assets, make it harder for them to do business with U.S. companies, and limit their ability to profit from their misdeeds.”

The executive order explicitly refers the following case regarding possible activities that represent a threat for the Homeland security:

• harming, or otherwise significantly compromising the provision of services by, a computer or network of computers that support one or more entities in a critical infrastructure sector;
• significantly compromising the provision of services by one or more entities in a critical infrastructure sector;
• causing a significant disruption to the availability of a computer or network of computers; or
• causing a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain;

The executive order is efficient only if the alleged attackers have assets in America, or do business with American companies.

 

“The Chinese government staunchly upholds cyber security, firmly opposes and combats all forms of cyber attacks in accordance with law,” Chinese Embassy spokesman Zhu Haiquan said in an official statement.

According to the spokesman the Chinese Government is spending a significant effort to combat cyber attacks against the US systems and it want to establish an effective cooperation to reach the target.

The Russian Government still hasn’t commented the news.

The US officials speculate that the recent attacks were coordinated by Chinese state-sponsored APT groups, the sanctions Washington is defining will hit foreign citizens and companies believed responsible for intrusions in commercial enterprises, the officials declined to name any potential target.

“One U.S. official said that sanctions imposed on individuals or companies would effectively cut them off from using the U.S. financial system, which could be a death-sentence for a serious business venture. The official also said that entities or individuals from countries other than Russia or China could face sanctions.” states the Reuters in a blog post.

The intelligence experts are also worried by Russian hackers working for the Kremlin, numerous hacking campaigns appear to be linked to Russian ATPs, such as the ATP28 who has intensified its espionage activities following the tensions between Ukraine and Russia.

No doubts, cyber security strategy is becoming one of the most serious issue to approach for the Obama Administration.

Pierluigi Paganini

(Security Affairs – Information Warfare, Russia, China)