Days before leaving office, President Joe Biden signed an executive order to shore up the United States’ cybersecurity by making it easier to sanction hacking groups targeting federal agencies and the nation’s critical infrastructure.
These also include ransomware gangs, which have been continuously targeting U.S. healthcare organizations in recent years, causing disruptions by encrypting systems and stealing the personal and sensitive health data of tens of millions of Americans.
Today’s executive order also takes additional steps to expand on Executive Order 13694, issued in April 2015 by President Obama, which authorizes sanctions on entities and individuals responsible for or complicit in cyberattacks that result in a “significant threat to the national security, foreign policy, or economic health or financial stability of the United States.”
“Significant malicious cyber-enabled activities continue to pose an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States,” President Biden said in a message to Congress published on Thursday.
“To address this continuing national emergency and protect against the growing and evolving threat of malicious cyber-enabled activities against the United States and United States allies and partners, including the increasing threats by foreign actors of unauthorized access to critical infrastructure, ransomware, and cyber-enabled intrusions and sanctions evasion, section 9 of the Executive Order I have issued updates the criteria to be used by the Secretary of the Treasury in designating a person for sanctions for engaging in specified malicious cyber-enabled activities and related conduct.”
Besides making it more straightforward to go after hackers targeting U.S. federal agencies and individuals, “with the People’s Republic of China presenting the most active and persistent cyber threat,” Biden’s executive order addresses other major cybersecurity issues, including:
- Improving cybersecurity against cyberattacks that disrupt the delivery of critical services
- Improving the security and integrity of software used by the Federal Government
- Improving cybersecurity across federal systems by adopting proven security practices from industry
- Securing Federal Government communications against adversarial nations and criminals
- Accepting digital identity documents to combat cybercrime and fraud
- Promoting security with and in Artificial Intelligence (AI)
- Aligning federal agencies’ investments and priorities to improve security controls
“The goal is to make it costly and harder for China, Russia, Iran, and ransomware criminals to hack and to also signal that America means business when it comes to protecting our citizens,” Biden’s deputy national security adviser for cyber and emerging technology Anne Neuberger told reporters, according to The Record.
“This really is the capstone cyber executive order reflecting lessons learned from how cyber attackers got in to conduct some of the most significant attacks that were either disruptive of critical infrastructure or particularly harmful to national security.”
The executive order also builds on the Biden Administration’s previous work to defend the U.S. from cyber attacks linked to cyber criminals and nation-backed threat groups.
This includes two national security memoranda: one in July 2021 to help strengthen critical infrastructure security and one in January 2022 to modernize cybersecurity defenses of national security systems, which are part of critical U.S. government networks used in military and intelligence activities.
In May 2021, President Biden signed another executive order to boost the country’s security defenses against cyberattacks and provide law enforcement with timely access to information necessary to conduct investigations.
Source link
-
-
-
-
-
-
-
-
