Executive Order for Going After "Hackers"

[Donal]

Wednesday, President Obama signed an Executive Order to impose economic sanctions on anyone involved in "cyber attacks" against US interests.

A couple of interesting points.

1) This isn't against nations, but rather focuses on individuals involved in the cyber attacks. So, they can theoretically punish some dude working in a Chinese hacker unit personally rather than just impose sanctions on his country. Although, I'm sure this is meant more for individuals or non-government aligned collectives and not people in government agencies.

2) It only affects financial assets in the US. Of course, we've seen "in the US" can have a rather ambiguous definition for some people. Otherwise, this makes it seem a fairly token gesture.

3) It covers private sector attacks, but doesn't mention anything about some sort of requirement that the companies themselves have reasonable security policies and procedures.

For the most part, it seems more for show. It make things that have been happening official policy now. What I would really like to see is companies that are holding our data be required to actually keep it secure.

 

[Gawdzilla Sama]

"It's not the '80s, nobody says 'hack' any more." Tony Stark.

 

[Newtons Bit]

Uhhh... where the is due process in this?

 

[Smackety]

Uhhh... where the is due process in this?

I am fairly confident that if the country a hacker is in is willing to extradite the hacker to the USA, then the hacker will get due process.

 

[fuelair]

Uhhh... where the is due process in this?

For hackers and other misusers/attackers of my computer I do not give a flying **** about due process. Just want them shot on sight.

 

[Darth Rotor]

3) It covers private sector attacks, but doesn't mention anything about some sort of requirement that the companies themselves have reasonable security policies and procedures.

For the most part, it seems more for show. It make things that have been happening official policy now. What I would really like to see is companies that are holding our data be required to actually keep it secure.

And our government agencies, as well.

 

[Donal]

Uhhh... where the is due process in this?

The same place it goes for any other criminal enterprise that has its assets frozen. This isn't new.

 

[Roger Ramjets]

For hackers and other misusers/attackers of my computer I do not give a flying **** about due process. Just want them shot on sight.

I don't believe in capital punishment, and suspects shouldn't be shot to death unless they are an immediate threat to others. However they should be treated like the criminals they are.

"It's not the '80s, nobody says 'hack' any more."

We still do, but the meaning has changed. There was time when 'hacking' meant delving into the guts of a computer to make it work better or do more, and being an accomplished hacker was a skill to be proud of.

Today's 'hackers' are cyber-criminals who have no interest in computer technology other than as a means to rip people off and hurt them. They should be treated no different to other con-artists, robbers and terrorists.

Uhhh... where the is due process in this?

Doesn't apply.

"any person determined by the Secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, to be responsible for or complicit in, or to have engaged in, directly or indirectly, cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States"

 

[Jango]

I understand why the government has gone in this direction, but it exposes hypocrisy in broad daylight: is the U.S. government going to stop using hackers under their employment? Nope. This fact will be capitalized on, just as previous instances of blatant hypocrisy have created opportunities for other nations to say "Gotcha ya!" It opens up another conundrum -- the U.S. attacking someone via the courts and the banks for something it does itself. Will the U.S. allow Russia, China or any other number of countries whom the U.S. hacks to come after the hackers they are using?

As I said at the beginning, I understand why the government did this -- the U.S. is bombarded by cyber attacks and cyber intrusions daily. This is another realm of the modern battlefield though -- is murky and not foundationally secure with a coherent understanding of terms, tasks and thought process. Is a malicious cyber attack an act of war? Some say yes, some say no. If malicious is defined as 'intentionally causing great harm', then the U.S. and Israel have already declared war on Iran.

 

[BenBurch]

FUN! I would love to unleash some black ice on these guys.