WASHINGTON, D.C. — President Donald J. Trump on Friday signed an executive order directing federal agencies to build a coordinated plan to identify, disrupt, and dismantle foreign criminal networks behind ransomware, phishing, financial fraud, impersonation scams, and sextortion targeting Americans.
What This Means for You
- Federal agencies have 120 days to deliver a plan for targeting international scam networks that prey on Americans.
- The Justice Department is directed to prioritize prosecutions tied to cyber-enabled fraud, including scam-center and sextortion cases.
- The administration is considering a program that could return seized or forfeited money from cybercriminal groups to victims.
The order says many of those crimes are carried out by transnational criminal organizations, or TCOs, meaning international criminal networks that operate across borders, sometimes with support or tolerance from foreign governments. It also states that the United States will respond with law enforcement, diplomacy, and potentially offensive actions.
According to a White House fact sheet released Friday, American consumers reported losing more than $12.5 billion to cyber-enabled fraud in 2024. The fact sheet also said 73% of U.S. adults have experienced some kind of online scam or attack, while 87% of seniors view those threats as a major problem.
Deadlines Set for Federal Action
The order directs the secretaries of State, the Treasury, and Homeland Security, along with the attorney general and other federal officials, to review within 60 days the operational, technical, diplomatic, and regulatory tools now in place to combat cyber-enabled crime.
Within 120 days, those agencies must submit an action plan to the president identifying the criminal organizations behind scam centers and related cybercrime and recommending ways to prevent, disrupt, investigate, and dismantle them.
New Federal Coordination Cell Planned
The action plan must also provide for the creation of an operational cell within the National Coordination Center, a federal coordination hub referenced in an earlier executive order.
According to the order, that unit would coordinate federal efforts to detect, disrupt, dismantle, and deter cyber-enabled criminal activity carried out by foreign criminal networks targeting Americans, businesses, critical infrastructure, or public services.
The order says the plan should also improve information sharing, operational coordination, and rapid response across the federal government while drawing on commercial cybersecurity firms and other non-federal entities where appropriate.
Focus on Prosecutions and Victim Recovery
The order directs the attorney general to continue prioritizing prosecutions involving cyber-enabled fraud, including scam centers and sextortion schemes, and to pursue the most serious provable offenses under federal standards.
It also gives the attorney general 90 days to recommend whether the administration should establish a Victims Restoration Program. The proposed program would be designed to return money seized, clawed back, or forfeited from criminal organizations to victims of cyber-enabled fraud, to the extent allowed by law.
State and Local Governments Would Get Support
The Department of Homeland Security, acting through the Cybersecurity and Infrastructure Security Agency, is directed to work with the National Coordination Center to provide training, technical assistance, and resilience support for state, local, Tribal, and territorial governments.
The order says that work would include expanding defensive capacity, sharing threat intelligence, and helping protect critical infrastructure systems from cyber exploitation by foreign criminal groups.
Pressure on Foreign Governments
The State Department is directed to engage foreign governments and demand enforcement action against criminal organizations operating inside their borders.
The order says countries that tolerate those operations could face consequences consistent with U.S. law and policy, including targeted sanctions, visa restrictions, limits on foreign assistance, trade penalties, and, where appropriate, the expulsion of complicit foreign officials and diplomats from the United States. It also directs the State Department to coordinate with allies and partners so those consequences carry greater weight.
Broader Cyber Strategy Released
The executive order was released alongside a broader White House document titled President Trump’s Cyber Strategy for America, which lays out six policy pillars for the administration’s cyber agenda.
Those pillars include shaping adversary behavior in cyberspace, easing cyber regulation, modernizing federal networks, securing critical infrastructure, protecting emerging technologies, and building cyber workforce capacity.
The strategy also calls for closer coordination between government and private industry, greater use of offensive and defensive cyber capabilities, stronger protection for federal systems and supply chains, and expanded investment in technologies including artificial intelligence, quantum security, and cloud-based defenses.