Senators Wants President to Designate 'Critical Cyber Threat Actors' with Mandatory Sanctions

One of the large video screens is checked in the Department of Homeland Security's National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Va., on Aug. 22, 2018. (AP Photo/Cliff Owen)

WASHINGTON — A new bipartisan bill in the Senate would require the president to designate every person or entity who directly or indirectly takes any malicious cyber actions against the United States a “critical cyber threat actor” and would require that the administration have a “framework to deter and respond” to all state-sponsored cyber attacks.

The Cyber Deterrence and Response Act from Sens. Cory Gardner (R-Colo.) and Chris Coons (D-Del.) mandates sanctions against all entities and people who are responsible for or complicit in cyber attacks against the U.S.

A version has been introduced in the House by Rep. Ted Yoho (R-Fla.).

Covered under the legislation are all “state-sponsored cyber activities that are reasonably likely to result in, or have contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States.”

Coons noted that “rivals like Russia, China, and Iran are enhancing their cyber capabilities and targeting our electoral process, financial system, and critical infrastructure,” and said the bill “will expose and impose costs on states that try to use cyberattacks to undermine American security and prosperity.”

“This bipartisan legislation is another step that Congress and the administration can take to deter foreign actors from carrying out cyberattacks against the United States,” Gardner said. “Our legislation will help provide additional tools for the administration to impose significant costs against malicious cyber actors, including state-sponsored actors, around the world that aim to endanger U.S national security and our economy.”

Gardner is an original co-sponsor of the Defending American Security from Kremlin Aggression Act of 2018, which levies deep sanctions on Russia in response to the Kremlin’s continued interference in the 2018 campaign cycle and nefarious activities in Syria and Ukraine.

That legislation rolls in another bipartisan bill from Gardner, and Sen. John McCain (R-Ariz.), Tim Kaine (D-Va.) and Jack Reed (D-R.I.) that would require two-thirds of the Senate to approve any presidential effort to withdraw from NATO. It also includes provisions “expediting the transfer of excess defense articles to NATO countries to reduce some NATO countries’ dependence on Russian military equipment.”

The bill would establish an Office of Cyberspace and the Digital Economy within the State Department to “lead diplomatic efforts relating to international cybersecurity, Internet access, Internet freedom, the digital economy, cybercrime, deterrence and responses to cyber threats.” Also created would be a National Fusion Center to Respond to Hybrid Threats. Foreign nationals who have interfered in U.S. elections would be inadmissible to the United States under election law. The bill also includes legislation from Gardner and Menendez that would require a review on whether Russia should join Iran, North Korea, Sudan and Syria as designated state sponsors of terror.

The legislation also includes new sanctions on individuals tied to the Putin regime, sanctions on Russian energy projects, new cybercrime sector-specific sanctions, a block on Americans’ involvement in certain Russia cyber projects, and reporting requirements for certain high-dollar real-estate transactions.

The bill requires “a report on the net worth and assets of Vladimir Putin,” who could be worth $70 billion to $200 billion.