Obama authorizes sanctions for cybersecurity crimes
The U.S. has been hit by foreign governments, including North Korea and China, in the last few years
(Come mingle with hundreds of top venture capitalists representing $10B-plus in capital under management, including Khosla Ventures, Greylock and Javelin Venture Partners, and learn from founders/CEOs including Marco Zappacosta, Co-founder & CEO of Thumbtack and Adam Goldenberg, CEO of JustFab, Slava Rubin, Founder & CEO of Indiegogo, at Vator Splash Oakland on April 22nd and 23rd. Get your tickets here!)
When we look back at 2014, I think it's going to be the year we really started to take cybersecurity, especially when it comes to foreign governments, seriously. There were multiple instances of countries, including China and, most famously, North Korea, attacking our systems.
Frankly, I think it makes us look weak and vulnerable. And now we are finally doing to do something about it!
President Obama announced on Wednesday, via a blog post put up on Medium, that, for the first time, the United States will be instituting a sanctions program against foreign governments and criminals who engage in cyber attacks against this country.
The fact that the same that technology "can empower us to do great good," but can also be used to do harm is "one of the great paradoxes of our Information Age," Obama wrote.
He referred specifically to the attack by North Korea on Sony Pictures last Fall, which "destroyed data and disabled thousands of computers." It's not like the U.S. didn't respond at all to that attack; following threats against national movie theater chains for their plans to show the Interview, North Korea suffered a big Internet outage which our government is said to be responsible for.
But that is not enough, so we have to hit them where it hurts.
"Starting today, we’re giving notice to those who pose significant threats to our security or economy by damaging our critical infrastructure, disrupting or hijacking our computer networks, or stealing the trade secrets of American companies or the personal information of American citizens for profit," said Obama.
"From now on, we have the power to freeze their assets, make it harder for them to do business with U.S. companies, and limit their ability to profit from their misdeeds."
The "primary focus will be on cyber threats from overseas," and the government will still use diplomatic and law enforcement tools first,"but targeted sanctions, used judiciously, will give us a new and powerful way to go after the worst of the worst."
North Korea is not alone in attacking the United States; in fact they are far from the worst offender, as China has been involved in many more incidents of cyber espionage.
Last year, the U.S. Department of Justice leveled charges against China for cyber espionage, marking the first time the U.S. ever leveled criminal charges against a foreign government for economic cyber spying.
This came after U.S. security firm Mandiant traced over 140 cyber attacks on U.S. and foreign businesses and organizations to a specific unit in China’s army known widely as the “Comment Crew” or the “Shanghai Group.” An assessment by the National Intelligence Estimate identified a pretty extensive range of sectors that have been impacted by China’s spying, including finance, IT, aerospace, automotive, and energy, among others. Some of the companies that have been hacked include Google—obviously—as well as drone manufacturers and the makers of nuclear weapons parts.
And the attacks continued after that. Community Health Systems, one of the largest providers of general hospital healthcare services in the United States revealed that it been hacked by an “Advanced Persistent Threat” group originating from China last August. Then, in September, a U.S. Senate panel found that Chinese hackers, who are associated with the Chinese government, were able to breach computer systems of U.S. airlines, technology companies and other firms involved in the movement of U.S. troops and military equipment,
Between June of 2012 and June of 2013, there were about 50 breaches, or other cyber events, into the computer networks of the military's U.S. Transportation Command, or Transcom, contractors.
"While we’re focused on the supply side of this problem — those who engage in these acts — we’ll also go after the demand side — those who profit from them," Obama said of the new program. "As of today, there’s a new deterrent because I’m also authorizing sanctions against companies that knowingly use stolen trade secrets to undermine our nation’s economic health."
Given all the incidents that have occurred over the past few years, the biggest question should be why it took this long to implement this type of program.
The cybersecurity space
As cybersecurity started making headlines, venture capital took notice as well, and started putting ore money into these types of startups
In the last 5 years, $7.3 billion has been invested into 1208 private cybersecurity startups, according to CBInsights.
In 2014, funding for cybersecurity startups broke the $2 billion barrier for the first time while deals grew to a total of 269.
Some of the companies that have raised the most funding in the space over the last couple of years have included Good Technology, which raised $80 million; Lookout, which raised a $150 million round; Okta, which rased a $27 million Series D funding round; Bit9, which raised $38.25 million; and Veracode, which raised a $40 million funding round.
(Image source: imgkid.com)