The order targets foreign malicious cyber actors using U.S. “Infrastructure as a Service” (IaaS) products.
Note: Infrastructure as a Service (IaaS) is a type of cloud computing that virtualizes computing resources and dynamically provides computing resource services based on user demand, allowing consumers to deploy and run processing, storage, networking, and other basic computing resources without purchasing hardware equipment.
The Trump Executive Order states: “IaaS offerings provide people with the ability to run software and store data on leased servers without the cost of maintaining and operating those servers. Foreign malicious cyber actors threaten the national security of the United States by stealing intellectual property and sensitive data to harm the U.S. economy and conducting cyberattacks on U.S. critical infrastructure.”
“Foreign actors use U.S. IaaS products for a variety of tasks while conducting malicious cyber activities, making it extremely difficult for U.S. officials to track and obtain information through legal proceedings before foreign actors destroy evidence and move to another infrastructure.”
“Foreign providers of U.S. IaaS products make it easier for foreign actors to obtain them and evade scrutiny,” Trump said, adding that he is authorizing the Commerce Department to draft regulations requiring that U.S. IaaS providers should verify the identity of foreigners applying for accounts.
The order also gives the Commerce Secretary the authority to prohibit or restrict U.S. IaaS providers from opening accounts for persons in a foreign country or representatives of such persons if a significant number of U.S. IaaS products are found to be used in malicious cyber operations in that country.
National Security Adviser Robert O’Brien said Trump’s action is an “important step” in giving U.S. cyber defenders and investigators an edge in protecting the American people.
“Foreign malicious cyber actors threaten our economy and national security by stealing intellectual property and sensitive data, and by attacking U.S. critical infrastructure.” He said in the statement.
“By gaining access to U.S. IaaS products, foreign actors can steal the fruits of American innovation and prepare to anonymously conduct destructive attacks on our nation’s critical infrastructure,” O’Brien said, adding that “the misuse of U.S. IaaS products by malicious actors has played a role in every single one of the past four years played a role in the cyberattack, including the cyberattack operations that led to the compromise of U.S. companies FireEye and Solar Winds.”
The order comes on the heels of a massive hacking operation that occurred in late 2020. Hackers compromised federal government networks by planting malicious code in SolarWinds’ Orion software update files, which in turn compromised federal government networks. SolarWinds technology is used by all five branches of the U.S. military and numerous government agencies.
Secretary of State Mike Pompeo said on Mark Levin’s show in December 2020 that they believed Russia was behind the SolarWinds cyberattack. Then-Attorney General William Barr also said in December 2020 that he believed the hack was carried out by Russian hackers. However, the Kremlin denied any involvement in the cyberattack.