The Biden Administration Cracks Down on Cyberattacks

 

During Biden’s first six months in office, government agencies and critical companies were beset by cyberattacks. These incidents included the SolarWinds hack, which involved Russian government hackers infiltrating around a dozen agencies for at least a year. Ransomware attacks, also a major source of concern, forced the Administration to reckon with the Colonial Pipeline, the source of almost half of the East Coast’s fuel supply. In May 2021 operations of that facility were shut down. In the years since, cybersecurity concerns have only increased, including a recent Chinese-linked breach that impacted email accounts at the Commerce and State departments. New vulnerabilities opened up by the potential use of artificial intelligence technologies, and new geopolitical-linked targeting of critical systems.

Responding to these threats the White House released a national cyber strategy in March 2023, the first since 2018. The strategy has five pillars including strengthening international cyber diplomacy efforts, securing emerging critical technologies, and taking aggressive steps to disrupt hacking groups. The strategy also made clear that the Biden administration intends to take a strong approach to issuing new regulations for critical sectors, for example, health care or electricity.

This strategy, a significant development in the United States' approach to cybersecurity, aimed to address the increasingly complex and evolving threats in the digital landscape. It underscored the Biden administration's commitment to enhancing the nation's cyber defenses and ensuring resilience against cyber threats.

The strategy outlined the goals and established a path for the federal government to reduce the threat of cyberattacks; when paired with an implementation plan for the strategy released in July, there are now firm agenda items for enhancing security.

Building upon previous frameworks, the 2023 National Cyber Strategy introduced several critical shifts in focus and methodology. One of the primary goals of this strategy is to rebalance the responsibility for cybersecurity away from end-users and towards organizations that are best positioned to mitigate risks. This includes technology firms, software developers, and other entities within the private sector. The strategy outlined a vision where these stakeholders played a more proactive role in securing cyberspace by implementing robust security measures and protocols.

A central pillar of the new strategy is the defense of critical infrastructure. The White House emphasized that vulnerable critical infrastructure sectors, such as energy, healthcare, and financial services, are of paramount importance to national security. Consequently, the strategy calls for enhanced collaboration between the government and private sector to protect these vital systems. This involves sharing threat intelligence, developing joint response plans, and investing in technologies that can detect and neutralize threats before they cause significant damage.

The strategy also prioritizes the need for resilience in the face of cyber incidents. It acknowledges that despite the best preventive measures, breaches will occur, and thus, the ability to recover quickly is crucial. This includes improving incident response capabilities, developing robust backup systems, and ensuring continuity of operations even under attack. By fostering a culture of resilience, the strategy aims to minimize the impact of cyber incidents on the nation's critical functions.

Another notable aspect of the 2023 strategy is its focus on international cooperation. Cyber threats are not confined by national borders, and effective cybersecurity requires global collaboration. The strategy advocates for building strong alliances with international partners to combat cybercrime, share best practices, and establish norms of responsible state behavior in cyberspace. This approach aims to create a unified front against adversaries and promote a stable and secure global digital environment.

Furthermore, the strategy recognized the importance of workforce development in cybersecurity. Addressing the current shortage of skilled cybersecurity professionals is critical to the success of the national cyber strategy. To this end, the strategy calls for investments in education and training programs to cultivate a pipeline of talent equipped to tackle the challenges of modern cybersecurity. Initiatives to promote diversity and inclusion in the cybersecurity workforce are also highlighted, ensuring that the field benefits from a wide range of perspectives and skills.

The release of this strategy comes at a time when cyber threats are becoming more sophisticated and pervasive. High-profile incidents, such as the SolarWinds breach and ransomware attacks on critical infrastructure, have underscored the urgent need for a robust national cyber defense. The 2023 National Cyber Strategy represents a comprehensive and forward-looking plan to address these challenges and safeguard the nation's digital future.

While cyberattacks have not slowed down since the release of the strategy, the federal government now has a solid road map for the years to come on how to respond to attacks. However, if Biden is not reelected next year, a new administration may seek to change the goals of the strategy, or even put out a new one.

In conclusion, the 2023 National Cyber Strategy released by the White House is a pivotal step in strengthening the United States' cybersecurity posture. By shifting responsibility towards capable entities, defending critical infrastructure, promoting resilience, fostering international cooperation, and developing the cybersecurity workforce, the strategy aims to create a secure and resilient digital environment. As cyber threats continue to evolve, this strategy provides a vital roadmap for protecting national security and economic stability in the digital age.

Full disclosure: this post was written with assistance from AI applications. Claims made were fact-checked for accuracy.

References:

White House National Cyber Strategy. (2023). Retrieved June 21, 2024, from https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/

Department of Homeland Security, Cybersecurity Overview Retrieved June 21 from 2024https://www.dhs.gov/topic/cybersecurity/

Comments

Post a Comment

Popular posts from this blog

In Memoriam of Dorothy Austad

Image
  My name is Frank Austad. I use the moniker of Frank No Mustard or Franken Honest because I value my privacy. Conversely, I also frequently post on a number of social media platforms such as Facebook, Deviant Art (Frank10290), YouTube (@franknomustard), BlueSky, and the Franken Honest blog (hello!) - and also on Substack, look for Frank, No Mustard there! I don’t like being a privacy maniac, but I don't like sharing too much personal information here (or anywhere else, for that matter), either. What I would rather draw your attention to is the importance of public discourse on Science, music, art, and politics. Being a fairly average American, I believe in the right that everyone has to hear my opinion on these and other subjects. However, the purpose of today’s article is to share with you about my loving mother, nurse Dorothy Austad, RN. Mothers are very important to families. I believe that if we showed more respect, caring, dignity, appreciation, and a beholden respo...
Read more

Open Letter to Congress: Uphold the Constitution and Check Presidential Overreach

Image
Please read this letter all the way through. I would urge that you copy and paste this into an email (or spend the stamp and mail a letter) to your elected representatives. At the bottom of this article are also some other considerations. Dear [Senator/Representative] [Last Name],  I write to you as a concerned citizen deeply troubled by the ongoing abuse of power stemming from President Donald Trump’s emergency declaration, which has been used to justify sweeping deportations, the detention of public officials, and the erosion of constitutional norms. While immigration enforcement is a legitimate function of government, the weaponization of emergency powers to bypass Congress, target political adversaries, and undermine due process represents a dangerous precedent that must be stopped.  Article I of the Constitution grants Congress—not the president—the power to legislate and allocate funds. The National Emergencies Act of 1976 was never intended to be an end-run around congr...
Read more

The Screaming Goat Speaks.

Image
 A while back I saw a video on YouTube complaining that Microsoft's CoPilot AI feature was essentially the equivalent of a "screaming goat" video, implying that the program was to him, a useless irritating feature that he found no use at all in his work. The man was a writer, like me, but unlike me, he still had the talent, tenacity and determination to not rely upon artificial intelligence to fill in the gaps in his writing. Here is a link to the video I am referencing: https://www.youtube.com/watch?v=eYVPThx7yss This article seeks to illuminate that scenario. I'll start it with my entry into Copilot: Me: This program is described as a screaming goat video, meaning that you're an essentially useless feature. Prove me wrong in 500 words or less using layman's language. Copilot: I get it—there's skepticism when it comes to AI, especially when it seems like a flashy addition rather than a meaningful tool. But let me show you why I aim to be far more than j...
Read more