President Joe Biden signed an executive order on Thursday designed to bolster the nation’s cybersecurity framework and facilitate actions against foreign adversaries or hacking groups that threaten U.S. internet and telecommunications.
The directive mandates the establishment of baseline cybersecurity standards for technology contractors working with the government, requiring these contractors to provide proof of their compliance.
Additionally, this order aims to empower U.S. officials to hold foreign nations accountable for cyberattacks targeting the country, particularly following a series of hacking incidents attributed to nations such as China, Iran, Russia, and North Korea.
Among the significant changes introduced, the order permits sanctions against foreign hackers who launch ransomware attacks directed at hospitals or other critical organizations.
To address the potential threat posed by advanced quantum computers— which experts warn could effortlessly infiltrate various systems— the order compels federal agencies to enhance their cybersecurity measures.
The implications of foreign adversaries acquiring such powerful technology to decode American communications could have severe national security consequences.
As Biden, a Democrat, prepares to exit the presidency, the order may face reevaluation by the incoming Republican administration under President-elect Donald Trump. However, Deputy National Security Adviser Anne Neuberger indicated that the order’s primary objectives— enhancing cybersecurity and penalizing cyberattackers— are likely to garner bipartisan endorsement.
Neuberger emphasized that the initiative sends a strong message: “America means business when it comes to protecting our businesses and our citizens.”
Although the order outlines crucial cybersecurity standards aimed at safeguarding businesses, governments, and consumers, some reporting requirements might impose compliance hurdles for technology firms, as noted by Cory Michal, Chief Security Officer at AppOmni, a security software company.
Michal pointed out that the swift expansion of cloud computing and intelligent devices has resulted in vulnerabilities permeating nearly every aspect of daily life.
“Our modern society is fundamentally built on the internet, with critical business, governmental, and personal activities dependent on its infrastructure,” Michal remarked.
Biden’s directive builds on a series of previous measures intended to enhance defenses against cyber intrusions targeting the government, critical infrastructure—including ports and power plants— U.S. businesses, and individual users.
Earlier in the month, the White House unveiled a labeling initiative designed to assist consumers in selecting smart devices that offer heightened resistance to hacking. The Cyber Trust Mark program allows manufacturers of internet-ready products to display the label when their devices meet federal cybersecurity criteria.
While Trump has yet to disclose his selections for prominent national cybersecurity roles, John Ratcliffe, his nominee for CIA director, stated during his Senate hearing that the U.S. must bolster both its defensive and offensive cyber capabilities to stay ahead of nations like China.
“We have the best code makers and code breakers in the world,” Ratcliffe asserted regarding American intelligence agencies. “But if China achieves quantum computing before we do, that’s a real problem.”