Share this e-Alert:

Polsinelli - International Polsinelli - International


April 2015


President Obama Signs New Executive Order Targeting Significant Malicious Cyber-Enabled Activities






For more information on this alert, please contact:


International Leaders:


Jonathan K. Henderson

Practice Area Chair


Email | Bio


Jacob W. Bayer, Jr.

Practice Area Vice Chair


Email | Bio


Phillip P. Guttilla

Practice Area Vice Chair


Email | Bio


Melissa Miller Proctor




To view a full list of our International professionals, click here.


For current Intelligence or to learn more about our International practice, click here.


View Polsinelli documents on JD Supra  


LinkedIn Twitter Facebook Inside Law Podcast Connect with us on LinkedIn. Connection with us on Twitter. Connect with us on Facebook.




On April 1, 2015, the Obama Administration issued an Executive Order that will sanction individuals and entities that attempt, carry out or support malicious cyber-enabled activities that pose a significant threat to U.S. national security, foreign policy, as well as the country's economic health and financial stability. Often, these activities are carried out by non-U.S. persons working, in whole or in part, outside of the United States; as such, they may be beyond the reach of traditional U.S. law enforcement authorities. Therefore, the Administration is imposing financial sanctions against these parties in the same way that foreign terrorists, narcotics traffickers and criminal organizations are targeted. The Executive Order directs the State Department to impose travel bans on designated parties, prohibiting their entry into the United States, and orders the Treasury Department's Office of Foreign Assets Control ("OFAC") to freeze their assets. Of greatest significance is the fact that U.S. persons1 will be prohibited from engaging in virtually all dealings with designated parties, including transfers or receipts of funds, goods, services or donations that involve the newly sanctioned targets. The State and Treasury Departments will soon begin identifying and formally designating parties that will be sanctioned under the Executive Order. Therefore, U.S. companies are urged to take steps now to ensure that their OFAC compliance programs will effectively address this new set of sanctions.

At a granular level, the Executive Order focuses on certain cyber-enabled activities that compromise computers or networks that support a critical infrastructure sector2, impede the provision of services by critical infrastructure sector entities, cause significant computer or network disruptions, or result in the misappropriation of funds, economic resources, trade secrets, personal identification information or financial data for commercial, competitive or private gain. These activities may include gaining unauthorized access to computer systems through remote access, bypassing firewalls, or compromising the security of hardware or software. The Executive Order also sanctions parties who have knowingly obtained or used trade secrets that were misappropriated through cyber-enabled means. It is important to note, as in other OFAC sanctions programs, parties that are owned by, controlled by, or who serve as agents for the designated sanctions targets will also themselves be subject to the Executive Order.

In the list of FAQs relating to the Executive Order posted on its website, OFAC notes that the sanctions do not apply to legitimate cyber-enabled activities, such as lawful penetration testing as part of academic research, commercial innovation, competitions, or conventions. The order also does not target legitimate network defense and maintenance activities performed by authorized security experts or companies. Further, individual victims whose computers have been compromised and unwittingly used in subsequent malicious cyber-related activities will also not be targeted under the sanctions.


At the present time, U.S. persons are not required to take any immediate and affirmative actions to comply with the Executive Order as no parties have been formally designated by the Departments of State and Treasury. Once parties have been so designated, however, they will be added to OFAC's Specially Designated Nationals List ("SDN List"). U.S. persons will then be expected to take steps to avoid dealings with designated parties or any entity that is owned or controlled by them. To this end, U.S. companies in particular are expected to ensure that their OFAC compliance policies and procedures will effectively address these new sanctions. Their compliance programs should include screening, training, regular internal auditing, and the establishment of swift issue escalation mechanisms. The consequences of non-compliance with these new sanctions are severe and may include the imposition of maximum civil penalties of up to $250,000 per violation, criminal fines, imprisonment, negative publicity, and possibly the suspension of export privileges in certain cases.

For More Information

For more information on this Executive Order or counsel on other international trade or economic sanctions-related issues, please contact a member of our International practice or your Polsinelli attorney.


1 The term U.S. person encompasses U.S. citizens, lawful permanent residents, individuals protected under U.S. immigration laws, and foreign persons physically located in the United States. The term also includes U.S. companies and business entities, their foreign branches, and foreign businesses that are separately incorporated to do business in the United States.

2The term critical infrastructure refers to sixteen distinct sectors: chemical; commercial facilities; communications; critical manufacturing; dams; defense industrial base; emergency services; energy; financial services; food and agriculture; government facilities; healthcare and public health; nuclear reactors, materials and waste; transportation; and, water and wastewater systems.











Atlanta  Chattanooga  Chicago  Dallas  Denver  Edwardsville  Jefferson City  Kansas City  Los Angeles  New York
Overland Park  Phoenix  Raleigh  St. Joseph  St. Louis  Springfield  Topeka  Washington, D.C.  Wilmington








real challenges. real answers.SM  
Polsinelli is a first generation Am Law 100 firm serving corporations, institutions, entrepreneurs and individuals nationally. Our attorneys successfully build enduring client relationships by providing practical legal counsel infused with business insight, and with a passion for assisting General Counsel and CEOs in achieving their objectives. Polsinelli is ranked 18th in number of U.S. partners* and has more than 740 attorneys in 20 offices. Profiled by The American Lawyer and ranked as the fastest growing U.S. law firm over a six-year period**, the firm focuses on health care, financial services, real estate, life sciences and technology, energy and business litigation, and has depth of experience in 100 service areas and 70 industries. The firm can be found online at Polsinelli PC. In California, Polsinelli LLP.

* Law360, March 2014
** The American Lawyer 2013 and 2014 reports







Polsinelli provides this material for informational purposes only. The material provided herein is general and is not intended to be legal advice. The choice of a lawyer is an important decision and should not be based solely upon advertisements.

Copyright © 2015 Polsinelli PC.

Connect with us on LinkedIn. Connection with us on Twitter. Connect with us on Facebook. Polsinelli International International