WASHINGTON (AP) — President Joe Biden issued an executive order Thursday aimed at strengthening the nation's cybersecurity and making it easier to go after foreign adversaries or hacking groups that try to compromise U.S. internet and telecommunication systems.
The order calls for the development of minimum cybersecurity standards for government technology contractors and requires that contractors submit evidence that they're complying.
It is also aimed at making it easier for U.S. authorities to penalize foreign governments that target the U.S. with cyberattacks, in the wake of recent hacking incidents linked to China, Iran, Russia and North Korea. Among other changes, the order allows sanctions to be imposed on foreign hackers who target hospitals or other organizations with ransomware.
The order requires federal agencies to improve cybersecurity to protect against the threat posed by powerful quantum computers, which experts say could be used to easily break into many systems. That could have direct national security implications if a foreign adversary builds a computer sophisticated enough to break American codes.
The order comes just days before Biden, a Democrat, leaves office. Republican President-elect Donald Trump's administration could rescind the policy in favor of its own proposals. But deputy national security adviser Anne Neuberger said the order's twin goals — strengthening cybersecurity and punishing those responsible for cyberattacks — should win bipartisan support.
The order is intended to show that "America means business when it comes to protecting our businesses and our citizens," Neuberger said while briefing reporters on the new policies.
While the order sets out critical cybersecurity standards that should better protect businesses, governments and consumers, some of the reporting requirements could create compliance challenges for tech companies, according to Cory Michal, chief security officer at AppOmni, a software security company based in San Mateo, California.
Michal said the rapid development of cloud computing and smart devices has created vulnerabilities that touch almost all areas of people's lives.
“Our modern society is fundamentally built on the internet, with critical business, governmental, and personal activities dependent on its infrastructure," Michal said.
Biden's order builds on several earlier actions to boost defenses against cyber intrusions, whether they target the government, critical infrastructure such as ports or power plants, U.S. businesses or individual users.
Earlier this month, the White House announced a labeling program designed to help consumers pick smart devices that are more resistant to hacking. Under the cyber trust mark program, manufacturers of internet-connected devices can attach the label to let buyers know the product meets federal cybersecurity standards.
Trump has not announced his picks for top national cybersecurity positions. John Ratcliffe, Trump's nominee to be CIA director, said Wednesday during his Senate hearing that it was essential the U.S. improve its defensive and offensive cyber capabilities to keep up with China and other adversaries.
“We have the best code makers and code breakers in the world,” Ratcliffe said of American spy agencies. “But if China gets to quantum computing before we do, that’s a real problem.”
Credit: AP
Credit: AP