Get all your news in one place.
100’s of premium titles.
One app.
Start reading
The Independent UK
The Independent UK
National
Eric Tucker

Biden administration releases new cybersecurity strategy

Copyright 2021 The Associated Press. All rights reserved

The U.S. government plans to expand minimum cybersecurity requirements for critical sectors and to be faster and more aggressive in preventing cyberattacks before they can occur, including by using military, law enforcement and diplomatic tools, according to a Biden administration strategy document.

The Democratic administration also intends to work with Congress on legislation that would impose legal liability on software makers whose products fail to meet basic cybersecurity safeguards, officials said ahead of the document's release Thursday.

The strategy largely codifies work that has already been underway during the last two years over a spate of high-profile ransomware attacks on critical infrastructure. An attack on a major fuel pipeline that caused panic at the pump and resulted in an East Coast fuel shortage as well as other attacks focused fresh attention on cybersecurity. But officials hope the new strategy lays the groundwork for countering an increasingly challenging cyber environment.

“This strategy will position the United States and its allies and partners to build that digital ecosystem together, making it more easily and inherently defensible, resilient, and aligned with our values,” the document states.

President Joe Biden's administration has already taken steps to impose cybersecurity regulations on certain critical industry sectors, such as electric utilities and nuclear facilities, and the strategy calls for minimum requirements to be expanded to other vital sectors.

Anne Neuberger, the administration's deputy national security adviser for cyber and emerging technology, said on a conference call with reporters that it was “critical that the American people have confidence in the availability and resiliency of our critical infrastructure and the essential services it provides.”

The strategy document calls for more aggressive efforts to thwart cyberattacks before they can occur by drawing on a range of military, law enforcement and diplomatic tools as well as help from a private sector that the report says “has growing visibility into the adversary sector.” Such offensive operations, the document says, need to take place with “greater speed, scale, and frequency.”

“Our goal is to make malicious actors incapable of mounting sustained cyber-enabled campaigns that would threaten the national security or public safety of the United States,” the strategy document says.

Under the strategy, ransomware attacks — in which hackers lock up a victim's data and demand large fees to return it — are being classified as a threat to national security rather than a criminal challenge, meaning that the government will continue using tools beyond arrests and indictments to combat the problem.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.