WASHINGTON (Reuters) – Outgoing President Donald Trump has signed an executive order aimed at thwarting foreign use of cloud computing products for malicious cyber operations against the United States, the White House said on Tuesday, Trump’s last full day in office.
The order, first reported by Reuters, gives the Commerce Department authority to write rules to bar transactions with foreigners in cloud computing products or services, if a foreigner uses them for cyber attacks.
“What we have seen in this space is that…an individual will rent thousands of pieces of this infrastructure inside the United States and resell them to actors who then abuse them,” a senior administration official told Reuters. “This provides the Secretary of Commerce the ability to say…’There is no reason for you to continue to have access to the nation’s products,'” the person added, noting the restrictions could apply to jurisdictions as well as people and companies.
The order also requires the agency to write rules in six months for U.S. providers of Infrastructure as a Service, a type of cloud computing, to verify the identity of foreigners with whom they do business and keep certain records.
U.S. officials have been working on the directive for nearly two years, the official said. But its unveiling will follow a massive hacking campaign which used U.S. tech company SolarWinds as a springboard to penetrate federal government networks. Senior U.S. officials and lawmakers have alleged Russia is to blame for the hacking spree, a charge the Kremlin denies.
Democratic President-elect Joe Biden, who will take the oath of office on Wednesday, could easily revoke an executive order issued in the waning days of the Trump presidency. Biden’s transition team did not immediately respond to a request for comment.
(Reporting by Alexandra Alper; Editing by Howard Goller and Lincoln Feast.)