Cyber Sanctions and Idle Threats
As a young boy, I would sometimes be bullied by my peers. But even worse than the bullying was the perception of being unable to respond. If I said something like "do that again and I'll hit you" the harsh response would be the taunt "idle threats" -- a sign that my bully knew I was bluffing and had no real response.
Published by The Lawfare Institute
in Cooperation With
As a young boy, I would sometimes be bullied by my peers. But even worse than the bullying was the perception of being unable to respond. If I said something like "do that again and I'll hit you" the harsh response would be the taunt "idle threats" -- a sign that my bully knew I was bluffing and had no real response.
I was reminded of these painful memories from my youth, today, at the RSA Conference during a discussion of America's response to state-sponsored economic espionage. Why? Because we are coming up on the one year anniversay of President Obama's Executive Order, "Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities" and, at least as far as the public record reflects the substantial new sanction powers have not been used -- AT ALL. Now, I am more than willing to accept a high degree of caution in deploying a new legal tool. And I am more than willing to acccept that it takes a while to lay the groundwork for implementiing a new sanctons regieme. But is it really the case that in over a year, we have not been able to identify a single person in the entire world who is engaged in significant malicious cyber-enabled activities that warrant response? Or was this EO just an idle threat that the bullies can ignore?
