US extends South Sudan & malicious cyber activity sanctions for 1 year

shutterstock_198276725.jpgSouth Sudan:

In April 2014, the US adopted Executive Order (EO) 13664, which declared a national emergency in respect of South Sudan (for activities that threatened the peace, security, or stability of South Sudan and the surrounding region). That EO imposed a number of asset freezing measures and travel restrictions.

On 27 March 2018, US President Trump extended for 1 year the sanctions contained in EO 13664 by continuing the national emergency as declared. White House Notice here.

Significant Malicious Cyber-Enabled Activities:

In April 2015, the US adopted EO 13694 (as amended by EO 13757, December 2016), which declared a national emergency in respect of those engaging in ‘Significant Malicious Cyber-Enabled Activities” (malicious cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the US). That EO imposed a number of asset freezing measures and travel restrictions.

On 27 March 2018, US President Trump extended for 1 year the sanctions contained in EO 13694 by continuing the national emergency as declared. White House Notice here.

US charges and sanctions Iranians for cybertheft

The US has charged 9 Iranians with conducting a massive cybertheft campaign on behalf of Iran’s Islamic Revolutionary Guard Corps, and imposed sanctions on them, a related company, and one other.  In the Department of Justice’s press release, Deputy Attorney General Rod Rosenstein accused the 9 people of stealing “more than 31 terabytes of documents and data from more than 140 American universities, 30 American companies, 5 American government agencies, and also more than 176 universities in 21 foreign countries. He added that in many cases they acted “at the behest of the Iranian government”.

As a result of the sanctions, the assets of the Mabna Institute, the 9 Iranians connected to it, and Behzad Mesri, who is the subject of a US indictment announced in November 2017 for cybertheft, are frozen and US people are generally prohibited from doing business with them. The US Treasury’s press release is here, and the details of the sanctions are here.

EU develops cybersanctions

The EU Council has agreed to develop a framework for a joint EU diplomatic response to malicious cyber activities, which will if necessary include new sanctions measures under the CFSP.  The EU’s agreement is a response to what it says is “the increased ability and willingness of state and non-state actors to pursue their objectives through malicious cyber activities”, and it said that states “should not knowingly allow their territory to be used for internationally wrongful acts using Information and Communication Technologies”. The Council’s press release is here.