WASHINGTON – U.S. Senators Chris Coons (D-Del.) and Cory Gardner (R-Colo.) today introduced the Cyber Deterrence and Response Act. This legislation establishes a framework to deter and respond to state-sponsored malicious cyber activity against the United States. The bipartisan bill also requires the Administration to impose sanctions against all entities and persons responsible or complicit in malicious cyber activities aimed against the United States. This act is companion to legislation introduced in the House by Representative Ted Yoho (R-Fla.).  

“Our bipartisan bill will help the Administration impose real costs on malicious actors involved in state-sponsored cyberattacks,” said Senator Coons. “This is extremely important as countries like Russia, China, Iran, and North Korea increasingly use their cyber capabilities to threaten the security and prosperity of the United States and our allies.”

“This bipartisan legislation is another step that Congress and the Administration can take to deter foreign actors from carrying out cyberattacks against the United States,” said Senator Gardner. “Our legislation will help provide additional tools for the Administration to impose significant costs against malicious cyber actors, including state-sponsored actors, around the world that aim to endanger U.S. national security and our economy.”

Cyber Deterrence and Response Act:

  • Establishes a framework to deter and respond to state-sponsored malicious cyber activity against the United States;
  • Requires the President to designate as a “critical cyber threat actor” each foreign person or each agency or instrumentality of a foreign state that the President determines to be responsible for or complicit in, or have engaged in, directly or indirectly, state-sponsored cyber activities that are reasonably likely to result in, or have contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States;
  • Mandates the imposition of sanctions from a menu of options against any “critical cyber threat actor”;
  • Provides an opportunity for the President to waive the imposition of sanctions; and
  • Calls on the Administration to implement the cybersecurity provisions of the Asia Reassurance Initiative Act (ARIA).