The news: Hours before leaving the presidency, Donald Trump issued an executive order that requires American cloud computing companies to do more to verify the identities of their foreign customers. The stated aim is to help prevent hacking operations against the United States, although the timing and scope of the order mean it is surrounded by uncertainty.
What it says: The order instructs the Commerce Department to write new customer vetting regulations within six months for “infrastructure as a service” products offered by American tech giants such as Google, Microsoft, and Amazon. The new rules would set minimum customer identity verification standards and record-keeping requirements for cloud companies that sell to foreign customers. It includes sales made through resellers, which hackers have used in order to hide their identity before committing abuse.
Late in the day: The timing of the executive order—which was announced on the evening of January 19, the end of Trump’s last full day in office—is exceptional. Not only did it arrive just as the curtains close on his presidency, but it comes in the wake of an extraordinary hacking campaign against American government agencies and major companies. US intelligence agencies say the Russian government is “likely” behind the espionage campaign, a charge Moscow denies. The full impact of the operation is still being calculated.
Uncertain impact: In a statement released last night, National Security Advisor Robert C. O’Brien said attacks of this nature “played a role in every cyber incident during the last four years, including the actions resulting in the penetrations of United States firms FireEye and SolarWinds.” But whether rules like this would actually stop foreign hackers in practice is a source of debate. And since the order was signed so late and will take months to have any impact, the question of whether it lasts in its current form falls to Joe Biden’s incoming administration. Any of Trump’s executive orders could be revoked or tweaked by the new president, who is expected to sign a wave of such orders quickly as he comes into office.
Russia hacked an American satellite company one hour before the Ukraine invasion
The attack on Viasat showcases cyber’s emerging role in modern warfare.
Chinese hackers exploited years-old software flaws to break into telecom giants
A multi-year hacking campaign shows how dangerous old flaws can linger for years.
Transforming the automotive supply chain for the 21st century
Cloud-based tech solutions are helping manufacturers manage a new ecosystem of suppliers with greater agility and resilience.
The hacking industry faces the end of an era
But even if NSO Group is no more, there are plenty of rivals who will rush in to take its place. And the same old problems haven’t gone away.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.