President Obama Signs Executive Order Saying That Now He's Going To Be Really Mad If He Catches Someone Cyberattacking Us

from the oh-come-on dept

This, apparently, is not an April Fool's joke. This morning, President Obama signed an executive order [pdf] allowing the White House to issue sanctions on those "engaging in significant malicious cyber-enabled activities." I'm sure the Chinese state hackers behind the Github DDoS are shaking in their boots.

To make this work, the President officially declared foreign hacking to be a "national emergency" (no, really) and basically said that if the government decides that some foreign person is doing a bit too much hacking, the US government can basically do all sorts of bad stuff to them, like seize anything they have in the US and block them from coming to the US. Because that won't be abused at all.

Look, everyone agrees that there's a lot of online hacking and computer attacks going on. So much of what we do in the world has moved online, so of course that's going to be a target. But giving a general "ARRRRRGGH! HACKING BAD! WHITE HOUSE MAD!" executive order seems incredibly pointless and counterproductive. It seems like yet another example of politicians feeling the need to do something because there's a problem -- but not having any good ideas on what to actually do that will help solve the problem. So they just do something to say they did something, never mind how toothless it is -- or (more importantly) how the broad and vague definitions set forth in the "something" they do can (and will) be used in the future against perfectly reasonable actions and actors.

It's stories like these that make actual computer security folks shake their heads in confusion at politicians. You don't solve cybersecurity issues with vague executive orders. You do it with better security practices (and not undermining those practices with backdoors and stockpiling zero days).
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cybersecurity, executive order, national emergency, president obama, sanctions, white house


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    wallow-T, 1 Apr 2015 @ 11:54am

    protecting intellectual property

    The executive order should be sufficient to vaporize the assets of all known cyberlockers, as well as the assets of anyone who can be tied to a BitTorrent indexer, or any other sort of indexer.

    SOPA would have allowed point-and-remove-from-Internet; what the copyright industry gets instead is point-and-bankrupt, which is likely to be almost as good.

    We can expect open source developers of "tools which might enable piracy" to be thrown into the asset seizure mix.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 1 Apr 2015 @ 11:57am

    The King has spoken

    O thinks pretty highly of himself so I am sure he thinks he accomplished something.

    link to this | view in thread ]

  3. icon
    That One Guy (profile), 1 Apr 2015 @ 11:58am

    Hypocrisy, thy name is the USG

    To make this work, the President officially declared foreign hacking to be a "national emergency" (no, really) and basically said that if the government decides that some foreign person is doing a bit too much hacking, the US government can basically do all sorts of bad stuff to them, like seize anything they have in the US and block them from coming to the US. Because that won't be abused at all.

    Keep in mind, this is the exact same government where multiple government agencies have argued that they should be allowed to hack any computer or network, no matter where on the planet it's located. So apparently hacking is only a bad thing when someone other than the USG is doing it.

    link to this | view in thread ]

  4. icon
    Adam Wood (profile), 1 Apr 2015 @ 11:59am

    Dumb dumb DUMB!

    I have a small, still under construction website. Almost from day one my logs have been continuously splashed with hack attempts... this is a daily occurrence, 100s of hits per day. The IP's trace back to a few places but China is a huge part of it. All of them "testing" my security by trying to access various known exploits of products such as wordpress (which isn't even installed on my server) or submitting too much data to see if they can cause some sort of overrun. My site on my server is a nowhere kind of site with very little exposure and certainly no kinds of major publicity or usage. I get less than a handfull of real "impressions" per day... yet, here I am under full onslaught to try and break my security. I have to think that if me, a nobody in the internet world, is getting hammered then every other nobody and even more sites who are somebody are getting hammered just as hard and harder. One might consider this "engaging in significant malicious cyber-enabled activities" don't you think? Tens of thousands of nobodies multiplied by this effort.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 1 Apr 2015 @ 12:01pm

    Re: The King has spoken

    Thanks for point this out to me now it is blindly simple to know what "O's" problem is. He thinks he is Oprah.

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 1 Apr 2015 @ 12:05pm

    Punishing people that break the law is so counterproductive.

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 1 Apr 2015 @ 12:11pm

    Re:

    Haha, good one, April Fools!

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 1 Apr 2015 @ 12:12pm

    So it's (apparently) OK for the US government to hack foreign computers and create destructive malware like Stuxnet to unleash on the so-called "rogue nations" of the world, but if the victims of these cyber-attacks were to respond in kind, then that means war!

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 1 Apr 2015 @ 12:12pm

    Finally, some accountability for the U.S OF A, oh wait, let me guess

    Except us

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 1 Apr 2015 @ 12:17pm

    How about a common sense executive order beefing up defensive security instead of yet MORE offensive weapons.......transparency of threats, so that companies that care can update/upgrade/patch, and those that dont can go fking bankrupt

    link to this | view in thread ]

  11. identicon
    twinsdad9901, 1 Apr 2015 @ 12:21pm

    Wait until the NSA...

    I can't wait until the NSA stretches and deforms this executive order like they did to XO12333.

    link to this | view in thread ]

  12. identicon
    Whoever, 1 Apr 2015 @ 12:57pm

    House of cards

    To make this work, the President officially declared foreign hacking to be a "national emergency"
    Obama has been watching the latest season of House of Cards, in which President Underwood declares "unemployment" to be a national emergency and starts using FEMA funds to create and subsidize jobs.

    link to this | view in thread ]

  13. identicon
    Anonymous Coward, 1 Apr 2015 @ 1:01pm

    One of These Things Is Not Like the Other

    So exactly which hacking incident(s) does Barack Obama find to be equivalent to 9/11?

    I, BARACK OBAMA, President of the United States of America, find that the increasing prevalence and severity of malicious cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States constitute an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States. I hereby declare a national emergency to deal with this threat.

    Executive Order on Terrorist Financing (Sep. 24, 2001)
    I, GEORGE W. BUSH, President of the United States of America, find that grave acts of terrorism and threats of terrorism committed by foreign terrorists, including the terrorist attacks in New York, Pennsylvania, and the Pentagon committed on September 11, 2001, acts recognized and condemned in UNSCR 1368 of September 12, 2001, and UNSCR 1269 of October 19, 1999, and the continuing and immediate threat of further attacks on United States nationals or the United States constitute an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States, and in furtherance of my proclamation of September 14, 2001, Declaration of National Emergency by Reason of Certain Terrorist Attacks, hereby declare a national emergency to deal with that threat.

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 1 Apr 2015 @ 1:03pm

    Re: Dumb dumb DUMB!

    Why are you allowing Internet traffic from China to get anywhere near your web site?

    Unless you have an operational need to do so -- and you almost certainly don't -- firewall out the entire country. And Korea, while you're at it. Well-curated lists of all of their network allocations are available here:

    http://okean.com/asianspamblocks.html

    I find it useful to update my firewalls about once a week with those and to enjoy the peace and quiet that results as every single packet originating there is dropped on the floor without so much as an acknowledgment.

    link to this | view in thread ]

  15. icon
    DocGerbil100 (profile), 1 Apr 2015 @ 1:30pm

    National Emergency

    I'm not too familiar with all the various bits and bobs of Americas innumerable anti-terrorism laws and executive orders, but if memory serves, some parts of these only apply during times of National Emergency.

    This order is presumably intended to - in effect - preemptively reclassify all major hacking incidents as terrorism. Individuals and organisations identified are now subject to surveillance and response under the terms set by the Patriot Act and other rules, rather than normal due process.

    The order also functionally makes the acquisition of "trade secrets" into terrorism. "[...] any person determined [...] to be responsible for or complicit in, or to have engaged in, the receipt or use [...] of trade secrets misappropriated through cyber-enabled means [...] just became subject to Patriot Act rules.

    This, logically, must include everyone involved in the last big Sony hack, every file-sharing-site where the movies appeared, everyone who downloaded copies and - you're going to love this, I just know it - every journalist who received and wrote about the various leaked emails.

    Congratulations everyone, the President of the United States of America just declared all of us to be de facto terrorists, subject to unlimited surveillance and attack, at the whim of any branch of the US government that wants to do so.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 1 Apr 2015 @ 1:47pm

    He may want to take a look at what the NSA is up to first before drafting such legislation....

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 1 Apr 2015 @ 1:49pm

    A national emergency you say?

    Well then, we're just one cyber pearl harbor away from a third-term Obama.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 1 Apr 2015 @ 2:44pm

    For what purpose?

    Given the likelihood that the USG could impose all the sanctions it wanted without an EO, it's hard to see the point of this other than carving out another unilateral power grab. And because this is ostensibly about security, don't expect it to be undone by a future president. It's 12333 for the 21st century.

    link to this | view in thread ]

  19. identicon
    wallow-T, 1 Apr 2015 @ 3:29pm

    via a USA Today story from October 2014: President Jimmy Carter declared the oldest state of emergency still in force, in 1979, to implement a trade embargo against Iran.

    The five following presidents declared about 50 emergencies, and about 30 of those emergencies remain in effect (as of Oct. 2014). The emergency powers give the President the ability to enforce economic sanctions on his own say-so.

    (Background.)

    link to this | view in thread ]

  20. icon
    Padpaw (profile), 1 Apr 2015 @ 5:17pm

    reads as a "I dare you to attack us, because you called us out on us declaring we can attack anyone we want to"

    link to this | view in thread ]

  21. icon
    Padpaw (profile), 1 Apr 2015 @ 5:22pm

    Re: Hypocrisy, thy name is the USG

    like someone trying to start a war, almost seems like

    link to this | view in thread ]

  22. icon
    Padpaw (profile), 1 Apr 2015 @ 5:25pm

    Re: National Emergency

    they already do that, they are justifying it with a new law

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 1 Apr 2015 @ 9:30pm

    Does this mean Germany is going to issue sanctions against the US for hacking into Angela Merkel's cellphone? Or does it mean Iran is going to issue sanctions against the US for launching Stuxnet against their nuclear energy program? Maybe it means China will start issuing sanctions against the US for the NSA intercepting Cisco router shipments and implanting backdoors onto them via a process known as interdiction.

    Has the US even thought this sanction policy through all the way? The US will more sanctions levied against it than any other country on the planet! Thanks NSA!

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 2 Apr 2015 @ 5:24am

    Re: The King has spoken

    "I am sure he thinks he accomplished something."


    We can not have any of that sort of thing occurring on our watch.

    - Congress

    link to this | view in thread ]

  25. identicon
    Anonymous Coward, 2 Apr 2015 @ 5:28am

    Re: Re: Hypocrisy, thy name is the USG

    HEADLINE NEWS:
    Iran is hacking us, Iran is hacking us!
    Bomb bomb bomb

    I'm sure the only hypocrites are the USG.

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 2 Apr 2015 @ 5:31am

    Re: House of cards

    So ... hacking is unemployment?

    link to this | view in thread ]

  27. identicon
    Anonymous Coward, 2 Apr 2015 @ 5:32am

    Re:

    omg

    link to this | view in thread ]

  28. icon
    Eponymous Coward (profile), 2 Apr 2015 @ 9:56am

    Re:

    Considering the level of data theft (err, "gathering") that the NSA has accomplished, along with their physically tampering with hardware, insisting on backdoors in otherwise secure systems, etc., I would say that we know where this order should first be applied.

    We have met the enemy, and they are us.

    link to this | view in thread ]

  29. icon
    GEMont (profile), 2 Apr 2015 @ 2:49pm

    Welcome to the New War.... same as the Old War.

    "ARRRRRGGH! HACKING BAD! WHITE HOUSE MAD!"

    That is merely the "public perception ploy", that allows this new "War On ____" to get full tax-traction and support of law.

    In this case, its a "War On Hackers", and once you start to realize exactly what this particular "War On" allows the Feds to do, you will be seeing this legislation in a whole new light.

    You do remember the recent kerfuffle about letting Corporate America - other-wise known as the Billionaire Fascist Club - run "attack wares" - called "defense wares", legally against "perceived" cyber assaults.

    Well, now they have an executive order that will nicely immunize them against any repercussions, should they, say, fry the computers of an on-line chess club by mistake, in their retaliations against some unknown hackers or an Anonymous DDOS attack on their network.

    And I'll betcha they now have access to tax-payer funding for research and development of new and better attack, errrr... defense wares, as well, and maybe even access to NSA Brand(TM) anti-cyber tools.

    And ya'all should by now, know exactly what total immunity from all consequences of one's actions lead to.

    If not, look no further than the CIA, FBI, NSA, NYPD, and all the other so-called public-servants of the USG, who are now laws unto them-selves, answering only to... well.... not you, that's for sure.

    If you're having difficulty still, you might want to simply see this new executive order as the declaration of the War on Hackers, which will now be waged like the War on Drugs, and the War on Terror.... that is, forever and on your dime.

    ---

    link to this | view in thread ]

  30. icon
    GEMont (profile), 2 Apr 2015 @ 2:55pm

    Re: The King has spoken

    That should read "The Korporate King has spoken"

    And He has accomplished something all right.

    You're not gonna like what was accomplished though, as its pretty much the exact opposite of what he has claimed publically - as usual.

    Life in the USA is about to become one step closer to Hell.

    ---

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 3 Apr 2015 @ 4:43am

    Re:

    It is when the real law breakers are the ones doing the punishing..

    link to this | view in thread ]

  32. identicon
    Isabelle, 3 Apr 2015 @ 10:31am

    For a non american Citizen

    Since the rest of the world is under costant cyberattack from the USA, this law rather seems like a provocation. I guess a war somewhere not on US Soil would come in handy, wouldn't it?

    link to this | view in thread ]

  33. identicon
    John B, 4 Apr 2015 @ 4:16am

    a new purse

    75% of the drug war victory (read: profit) was from marijuana-related forfeiture, and two things are happening. 1) Forfeiture from unproven charges and suspicions are getting nixed finally. Only persons proven of committing crimes will be able to be, robbed and 2) Marijuana enforcement is going the way of the dodo and the laws are right behind it.

    This EO is the govt's replacement purse. Simple as that.

    link to this | view in thread ]

  34. identicon
    John B, 4 Apr 2015 @ 4:29am

    Re: Dumb dumb DUMB!

    I have done a significant amount of work in the field since the 90s, and I can tell you something about those "Chinese hackers" you see in your server logs.

    Most of them are hacked Chinese machines in the control of western (largely American) hackers in the form of botnets. In USA, people don't and wont get charges (IMO, for good reason) for hacking Chinese assets or property, and this is the result.

    People do not just randomly scan the internet using assets that can be linked to them, or can be shut down by their ISP. They use hacked stuff that wont get searched by their own government.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.