Obama cyberattacker sanctions raise due process, attribution concerns

[InfoSec News <alerts () infosecnews org>]

http://www.computerworld.com/article/2905295/obama-cyberattacker-sanctions-raise-due-process-attribution-concerns.html

By Grant Gross
IDG News Service
Apr 2, 2015

New U.S. government sanctions targeting the bank accounts of suspected 
cyberattackers raise questions about due process for people who feel 
they're wrongly accused and about how agencies will identify the source of 
attacks.

The new sanctions, announced by President Obama's administration 
Wednesday, would allow the U.S. Treasury Department to freeze the funds 
held in U.S. banks of people and organizations suspected of engaging in 
cyberattacks that pose a "significant threat to the national security, 
foreign policy, economic health, or financial stability" of the U.S., 
according to information released by the White House.

The Treasury Department, consulting with the Department of Justice and 
Department of State, could impose the sanctions if it has a "reasonable 
basis to believe" the targeted organization or person is engaging in the 
malicious attacks.

But attributing the source of cyberattacks is still difficult, and it's 
unclear what standard of proof the U.S. government will use to impose the 
new sanctions, some legal and cybersecurity experts said. In addition, the 
White House offered few details about how accused organizations can 
challenge the sanctions, critics said.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/