Washington, D.C., April 23, 2020 – Since 2013, the United States has issued cyber-related sanctions and indictments against more than 190 individuals and entities to combat malicious cyber activity originating in China, Russia, North Korea, and Iran, according to a new infographic released today by the D.C.-based Foundation for Defense of Democracies (FDD). However, “the dataset illustrates that while sanctions and indictments have increased during the Trump administration, there is considerable room for improvement in addressing Chinese cyber operations,” says authors Trevor Logan and Pavak Patel. “An enforcement regime applied consistently to all foreign actors would signal to adversaries what the United States considers acceptable behavior in cyberspace. Without a clear deterrent from the United States, foreign hackers likely will continue to feel emboldened as they attack the United States while enjoying safe harbor in their home countries,” they conclude.
Among the authors’ observations are:
The interactive infographics illustrate the frequency with which the U.S. government deploys sanctions and indictments to combat malicious cyber activity conducted for the benefit or at the behest of China, Russia, Iran, or North Korea. This dataset can help analysts understand how the United States employs these tools and why it does so against certain cyber threat actors but not others, looking at why both sanctions and indictments are used against some targets but not others; what differences there are in usage related to the type of cyber operation, the evidence available, the nature of the U.S. relationship with the relevant nation-state, or some other consideration.
To date, it appears that the United States has used Treasury’s financial sanctions authorities and Department of Justice indictments in different ways for different threat actors. For example, while North Korean hackers are often considered more prolific and capable than their Iranian counterparts, the number of sanctions and indictments against actors from the DPRK is far less than the number of actors from Iran that the U.S. has targeted. Additionally, in the case of Chinese-backed cyber operations, Washington appears to have chosen to rely nearly exclusively on criminal indictments rather than pairing indictments with financial sanctions as the Trump administration has done particularly in the case of Russian operations.
FDD’s Center on Cyber and Technology Innovation created these visualizations and is making the underlying data publicly available so that others can build on this effort by pairing these data and graphics with additional tools and information.
The Foundation for Defense of Democracies (FDD) is a Washington, DC-based non-partisan policy institute focusing on foreign policy and national security. Visit our website at www.fdd.org and connect with us on Twitter, Facebook, and YouTube.