In the final days of his presidency, Joe Biden signed an executive order aimed at bolstering the United States’ cybersecurity infrastructure. This order makes it easier to impose sanctions on hacking groups, including ransomware gangs, that target U.S. federal agencies and critical infrastructure. These attacks have caused significant disruptions in sectors such as healthcare, where ransomware has led to encrypted systems and the theft of sensitive health data. The executive order builds on previous measures, such as Executive Order 13694, which was issued by President Obama in 2015, to protect national security, the economy, and financial stability by targeting malicious cyber actors.
Biden’s order also updates the criteria for imposing sanctions on individuals and entities involved in cyberattacks
To those that pose a “significant threat” to the U.S. It specifically addresses the growing risk from foreign actors, particularly the People’s Republic of China, which is seen as a persistent threat to U.S. cybersecurity. The goal is to create a more proactive approach to defending against attacks that target critical infrastructure, government communications, and other vital sectors, while deterring adversarial nations and cybercriminals from exploiting vulnerabilities.
Key aspects of the executive order include enhancing cybersecurity for critical services, improving the integrity of government software, and adopting industry best practices for federal systems. It also focuses on securing federal communications and fighting cybercrime by accepting digital identity documents. A new priority is securing federal investments and aligning them with enhanced security controls, with an emphasis on securing AI technologies. This effort is meant to raise the cost and difficulty for nations like China, Russia, and Iran, as well as ransomware criminals, to carry out their attacks, signaling that the U.S. is serious about protecting its citizens.
The executive order represents a comprehensive approach to defending the U.S. from both state-backed cyberattacks and criminal groups. It builds on previous national security initiatives, such as the July 2021 memorandum on critical infrastructure security and the January 2022 memorandum on modernizing cybersecurity in national security systems. Additionally, the order follows the May 2021 executive order aimed at improving the security of critical infrastructure and facilitating timely information sharing for law enforcement to investigate cyberattacks. The measures underscore a long-term commitment to improving the nation’s cybersecurity defenses.