Trump issues last-minute order targeting foreign cyber threats

Donald Trump issued an executive order on the final night of his presidency aimed at forcing cloud providers to capture more complete records about foreign customers.

"Foreign actors use United States [cloud services] for a variety of tasks in carrying out malicious cyber-enabled activities, which makes it extremely difficult for United States officials to track and obtain information ... before these foreign actors transition to replacement infrastructure," according to a letter from Trump to Congress publicly released in the evening of Jan. 19.

To address those threats, the EO states, the government will move to require cloud providers to keep more complete records of foreign entities that they sell to and potentially require companies to limit "certain foreign actors’" access.

The secretaries of commerce, state, treasury, defense, homeland security, the attorney general and the director of national intelligence have discretion on which foreign entities could be barred through the executive order.

Crowdstrike founder and former CTO Dmitri Alperovitch said on Twitter that the policy outlined in the order could have helped the government gather more information in the wake of the SolarWinds Orion breach.In that breach, Alperovitch said, hackers "exclusively used US cloud infrastructure to make it difficult for US intelligence community to track them." Headded that "requirements like this one can go a long way to move these actors offshore and make it easier for [the government] to track them. One potential downside - the requirements can be quite onerous/expensive for smaller providers and may lose them foreign business."

It is not clear whether President-elect Joe Biden's administration will enforce the executive order. Ahead of the inauguration, Biden's transition team published a list of executive orders he'd immediately sign to undo certain Trump administration policies.

The Trump order has a six-month comment period.