Today, I issued an Executive Order that provides a new authority to respond to the threat posed by malicious cyber actors. Cyber threats pose one of the most serious economic and national security challenges to the United States, and my Administration is pursuing a comprehensive strategy to confront them. As we have seen in recent months, these threats can emanate from a range of sources and target our critical infrastructure, our companies, and our citizens. This Executive Order offers a targeted tool for countering the most significant cyber threats that we face.

This Executive Order authorizes the Secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, to impose sanctions on individuals or entities that engage in malicious cyber-enabled activities that create a significant threat to the national security, foreign policy, or economic health or financial stability of the United States. The malicious cyber-enabled activity must have the purpose or effect of significantly harming or compromising critical infrastructure; misappropriating funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain; knowingly receiving or using trade secrets that were stolen by cyber-enabled means for commercial or competitive advantage or private financial gain; disrupting the availability of a computer or network of computers (for example, through a denial of service attack); and attempting, assisting or providing material support for any of the above activities.

I intend to employ the authorities of my office and this Administration, including diplomatic engagement, trade policy tools, and law enforcement mechanisms, to counter the threat posed by malicious cyber actors. This Executive Order supports the Administration’s broader strategy by adding a new authority to combat the most serious malicious cyber threats that we face.