September 28, 2020

Volume X, Number 272

September 25, 2020

Subscribe to Latest Legal News and Analysis

Executive Order Provides Sanctions Aimed at Fighting Cyberattacks

On April 1, the president signed Executive Order 13694, which created a new sanctions regime for fighting cyberattacks. This creates opportunities for companies that are facing or may face cyberattacks. The Executive Order provides additional tools for victims of cyberattacks to punish the perpetrators by working with the government. The Executive Order creates framework to allow the government to take action in response to attacks on private companies and take all measures necessary to punish co-conspirators. The Executive Order also creates several issues that individuals and companies with international dealings should consider taking into consideration to avoid potential liability.

The Executive Order grants the Secretary of the Treasury authority to “block” the assets of anyone who conducts or aids “cyber-enabled activities . . . reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States . . . .” The Executive Order also grants the power to sanction any individual or entity that gives support to, assists in anyway, or sponsors such a cyber-attacker. The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) will work in coordination with other U.S. government agencies to identify individuals and entities that engage in prohibited cyber activities and designate them for sanctions. Persons designated under this Executive Order will be added to OFAC’s list of Specially Designated Nationals and Blocked Persons (SDN List). U.S. persons are prohibited from engaging in most all transactions with designated individuals and entities named on the SDN List or entities owned by such designated persons. Additionally, designated persons sanctioned under the Executive Order will be blocked from entering the United States.

Given the growing nature of cyberattacks and the Executive Order’s potentially broad reach, individuals and companies with international business should consider taking steps to ensure their business partners do not meet the criteria of cyberattackers. For example, payments from persons designated as cyberattackers will be blocked by U.S. financial institutions and U.S. persons that engage in transactions with such persons could be subject to substantial penalties. Accordingly, U.S. businesses engaged in international transactions should consider updating their compliance programs and screening procedures to ensure they are not dealing with any persons designated on the SDN List, or that are owned 50 percent or more by such designated persons.

The Executive Order represents a turning point for the administration. It signals that the administration will take a more active role in fighting attacks that are often diffuse and difficult to investigate. Barnes & Thornburg has worked with the government to track down hackers who have levied corporate cyberattacks. In light of the Executive Order, there can be little doubt that the government will redouble its efforts to help victim companies, presenting opportunities for companies to work with the government in its efforts to track down and stop the perpetrators. This is good news for fighting cyberattacks.

© 2020 BARNES & THORNBURG LLPNational Law Review, Volume V, Number 135


About this Author

Scott Godes, Barnes and Thornburg Law Firm, Washington DC, Communication Law Attorney

Scott N. Godes is a veteran trial lawyer with deep experience in insurance coverage matters and technology issues. He is a partner in Barnes & Thornburg LLP’s Washington, D.C., office and is a member of the Litigation Department and the Policyholder Insurance Recovery and Counseling Group.

Karen A. McGee, Barnes Thornburg Law Firm, Washington DC, Corporate Law Attorney

Karen A. McGee is the Managing Partner of the Washington, D.C. office of Barnes & Thornburg LLP and a member of the Global Services Practice Group, Associations and Foundations Practice Group, and the Corporate and Intellectual Property Departments. Ms. McGee concentrates her practice in the international trade area.

Ms. McGee counsels foreign and domestic clients and trade associations on international trade regulatory matters involving the International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR); foreign assets controls; antidumping and countervailing duty orders; customs and import compliance; free trade agreements, such as NAFTA; and, other U.S. international trade regulations.

She counsels clients on export licensing and classification, employment of foreign nationals, deemed exports, development and implementation of export compliance programs and export enforcement matters, including voluntary disclosures relating to commercial and defense articles, defense services and technical data. In addition, she counsels clients on export control and national security implications of mergers and acquisitions, including voluntary filings before the Committee on Foreign Investment in the U.S. (CFIUS). Ms. McGee also counsels clients on a wide range of customs issues, such as country-of-origin/product marking, tariff classification, valuation, seizures, prior disclosures, and intellectual property infringement. She represents clients, including trade associations, in antidumping and countervailing duty proceedings before the International Trade Commission and Department of Commerce. Ms. McGee also counsels and represents clients in 337 investigations before the International Trade Commission.