Biden executive order aims to shore up US cyber defences
Thursday’s order includes provisions requiring government contractors to show they are meeting federal security standards.
US President Joe Biden has issued an executive order aimed at strengthening the nation’s cybersecurity and making it easier to go after foreign adversaries or hacking groups that try to compromise US internet and telecommunication systems.
Provisions in the order call for the development of minimum cybersecurity standards for government technology contractors and require that contractors submit evidence that they are complying with the rules.
They also are aimed at making it easier for US authorities to sanction foreign governments that target the US with cyberattacks – a change that comes after several recent hacking incidents linked to China, Iran, Russia and North Korea.
Among other changes, the order allows sanctions to be imposed on foreign hackers who target hospitals or other organisations with ransomware.
The order also requires federal agencies to improve cybersecurity to protect against the threat posed by powerful quantum computers, which cyber experts say could be used to easily break into many systems.
It is an issue that could have direct national security implications if a foreign adversary builds a computer sophisticated enough to break American codes.
The White House issued the order just days before Mr Biden, a Democrat, leaves office.
Republican President-elect Donald Trump’s administration could rescind the policy in favour of its own proposals.
But deputy national security adviser Anne Neuberger said the order’s twin goals – strengthening cybersecurity and punishing those responsible for cyberattacks – should win bipartisan support.
The order is intended to show that “America means business when it comes to protecting our businesses and our citizens,” Ms Neuberger said while briefing reporters on the new policies.
The policies build on several earlier actions by the Biden administration intended to boost defences against cyber intrusions – whether they target the government, critical infrastructure such as ports or power plants, US businesses or individual users.
Earlier this month, the White House announced a labelling programme designed to help consumers pick smart devices that are more resistant to hacking.
Under the cyber trust mark programme, manufacturers of internet-connected devices can attach the label to let buyers know the product meets federal cybersecurity standards.
Mr Trump has not announced his picks for top national cybersecurity positions.
John Ratcliffe, Mr Trump’s nominee to be CIA director, said on Wednesday during his Senate confirmation hearing that it is essential the US improves its defensive and offensive cyber capabilities to keep up with China and other adversaries.
“We have the best code makers and code breakers in the world,” Mr Ratcliffe said of American spy agencies. “But if China gets to quantum computing before we do, that’s a real problem.”
