Biden Administration’s Cybersecurity Strategy Takes Aim at Hackers

Image for article titled I read the Biden administration's new cyber policy, so you don't have to

picture: McNamee wins (Getty Images)

Since taking office, Joe Biden has announced that he will take cybercrime very seriously. It’s not that Biden is the world’s tech-savvy eight, it’s that he’s simply responding to security challenges that have evolved over the course of his watch — most notably a series of increasingly destructive cyberattacks that have occurred during his first year as president. The latest iteration of the Biden administration’s efforts to make the internet a safer place was the government’s official announcement recently Cyber ​​security strategy, which was posted to WH on Thursday. The strategy could have significant impacts on government efforts to deter cybercriminals and, if implemented effectively, have a significant impact on multiple areas of the technology industry.

full a report The strategy of the new government has 39 pages and thousands and thousands of words, but I tightened it and tried to shorten it to only 1,500 words. Here are some key points.

#1: Protecting “critical infrastructure,” aka making sure the things that really matter don’t get compromised

Critical infrastructure is a very big topic in cybersecurity, which is why it makes sense that the first pillar of WH’s cybersecurity strategy involves adopting broader protections for it. The strategy states, “We will give the American people confidence in the availability and resilience of our critical infrastructure and the essential services they provide.”

This sounds good, but you might find yourself wondering what exactly might be described as “critical infrastructure”.

The short answer is: a lot of things. You can think of CI as relating to industrial systems that provide services to large groups of people: this includes things like power grids, oil pipelines, dams, local and regional water supplies, nuclear power plants, ISPs, broadband providers, and other things of that nature. Most of these things They are controlled by programs connected to the Internet, called SCADAs, an acronym for Supervisory Control and Data Acquisition Systems. Said systems are software designed to allow remote access and control of industrial systems. Problematically, you just happen to be It is completely hackable. The most famous example of a SCADA system hack is Stuxnet incident, in which Internet operators acting on behalf of both the US and Israeli governments used a sophisticated worm to connect one of Iran’s reactors to its nuclear weapons program. However, smaller, more mundane targets are more vulnerable to being hacked, and can cause this to happen a lot of damage.

to protect all of this Significantly, the government has proposed a number of different initiatives, perhaps the most notable of which is the development of new federal regulations to enforce minimum security requirements for particularly critical sectors and CI service providers. The reason for the government’s intent to protect critical infrastructure seems pretty clear. In addition to it being just a really good idea, the Biden administration clearly doesn’t want a repeat of 2021 when the ransomware gang The dark side attacked Colonial Pipeline. This attack, which threatened vital energy flows in large parts of the Southeast, was considered one of the worst cyberattacks on critical U.S. infrastructure to date and was neither an easy fix for the government, nor a good look for the incoming administration.

#2: The United States will continue to kick bad pirates in the ass

The only thing the US government is usually good at is kicking people’s ass, and lately it’s had sexy scenes been trained On those who dwell in the digital underworld. Well, the strategy was released this week He asserts that, for the foreseeable future, America will continue to hit threat actors where it hurts them.

Indeed, tThe Biden administration envisions a future in which “all levers of national power” are brought to the point where “malicious cyber actors are unable to threaten the national security or public safety of the United States.” From a real-world perspective, what this means is leveraging law enforcement resources (eg hunting down cyber-hackers on government projects like the FBI Joint National Cyber ​​Investigation Task Force) and existing international partnerships (such as the recently launched one Anti-ransomware), to continue expelling cybercriminals. At the same time, the administration also says it wants to speed up preventive measures, such as Share information among the technology industry and government, as well as broader communication and coordination between the public and private spheres.

This ongoing war with cybercriminals makes sense – for a number of different reasons. When Biden first took office, it was the scourge of ransomware at its height. In particular, 2021 attacks On the colony’s pipeline it was seen as a wake-up call and a national security emergency. Since then, the Biden government has waged a retaliatory campaign against the ransomware industry. This included the development of a number of task forces and international summits to address the problem, along with the launch of the new Ministry of Justice. Guidelines To investigate and prosecute ransomware cases. At the same time, a host of law enforcement operations, largely led by the NCIJTF, have sought to disables Large swathes of the ransomware ecosystem, including a modern and sophisticated one share of Within the Hive gang, whose activities were effectively neutralized in February.

In the new report, the government makes it clear that it will continue to do things like this and that its ultimate goal is literally to “defeat ransomware.” In fact, the administration says it is “committed to escalating opt-out campaigns and other efforts that are ongoing, coordinated, and targeted so that ransomware is no longer profitable.” In other words: look at the dark web fools who are alive, they’re coming for you!

#3: Ensure that the tech industry prioritizes security

The other thing the new cyber strategy wants to do is force people in Silicon Valley to do something they’re not good at: prioritize security when designing their products.

In fact, one of the reasons companies get hacked so much is that most modern software is not built with security in mind. Instead, developers often have two other factors at the top of their priority list: time to market and consumer experience. Meanwhile, security can be expensive and time consuming. There are exceptions to this rule, but security in general is It is considered Barrier to business priorities, which are to launch a product quickly and make money.

What does the government want to do about it? Well, there are a couple of different actions that the Biden administration says it would like to take to encourage the tech industry to do a better job.

  • Use federal grant programs to help drive new security products and drive federal research and development into security technologies. This is an interesting idea, but it is definitely more of a long-term investment than a short-term solution.
  • The document states that it also wants to work with Congress and the private sector to define “responsibility for software products and services.” This push should seek to “set higher standards of care for programs in specific high-stakes scenarios.” The idea here is to create an incentive structure in which companies of a certain size and reputation are forced to create better security protections for their products or risk exposing themselves to legal risks.
  • Curiously, the strategy also indicates that it wants to expand privacy protections as a means of guarding against security issues. The document states, “The Department supports strong and clear restrictions on the ability to collect, use, transfer, and maintain personal data.” In short: the thinking here is that if companies keep less personal data on web users, are there fewer chances of a data breach? It sounds like an interesting idea but it is unclear how and when such a turn of events could happen.

#4: Acknowledge that the Internet exists along with Bubble Gum and Baling Wire

Another major cybersecurity crisis that unfolded under the administration’s watch was Discovery log4j bug. The log4j loop, a critical remote code execution vulnerability in a ubiquitous open source software library, has helped clarify more to the government about dangers Today’s open source software ecosystem and the potential threats it poses to the global economy. Since the bug was discovered, the government has been working with the open source community and other online stakeholder groups to enact better protections for critical software supply chains and the broader digital ecosystem. The new cyber strategy says systemic shortcomings in security are something that must be addressed. The document is written:

The Internet is critical to our future but retains the infrastructure of its past. Many of the technical foundations of the digital ecosystem are inherently weak. Every time we build something new on top of this foundation, we add new vulnerabilities and increase our collective exposure to risk… The “clean-up” effort to reduce systemic risk requires identification of the most pressing security challenges, further development of effective security measures and close collaboration between the public and private sectors to reduce our exposure risk…

In other words, the government acknowledges that our digital world is, as the saying goes, knit.By bubble gum and baling wire. To fix this, the White House says it plans to invest a lot of money in a number of different areas in an effort to create a more secure ecosystem. These include…

  • Using partnerships with the private sector to reduce “systemic technical vulnerabilities at the foundation of the Internet and across the digital ecosystem,” things like Border Gateway Protocol vulnerabilities, unencrypted Domain Name System requests, and other long-standing security deficiencies in the underlying infrastructure of the Web.
  • “Reinvigorate” directed research and development around “next generation” cybersecurity capabilities. What kind of abilities? The strategy calls things like post-quantum cryptography, which is said to be able to protect against the current hypothetical threat of quantum computing.
  • Fostering workforce development in the cybersecurity field more broadly. Often a problematic topic, companies and governments can sometimes have difficulty finding the right talent to run their battle stations; Recruiting and retaining security professionals can be challenging, and a shocking number of companies don’t hire CISOs at all. The government says it wants to charge a number of existing cybersecurity workforce development programmes, in a bid to stimulate employment more broadly.

#5: Make sure the rest of the world is on the same page about kicking bad hackers in the ass

Finally, the government wants to make sure everyone else is on the same page when it comes to chasing down the bad guys. The White House says it wants to leverage “international alliances and partnerships among like-minded nations to address threats to our digital ecosystem through joint preparedness, response, and cost imposition.” By and large, the government has already been doing this – and it seems to be getting some good results.

An international summit on the ransomware blight helped bring countries together on the need to fight cyber baddies, and before the war in Ukraine, Biden met with Russian President Vladimir Putin to discuss expanding cooperation on disrupting and prosecuting ransomware gangs — a large number believed to be headquartered in Russia. Will more international summits and partnerships help? It certainly couldn’t hurt.

.

Leave a Reply

Your email address will not be published. Required fields are marked *