One of many challenges facing the new presidential administration is national cybersecurity, and Joe Biden’s team has revealed a few plans in motion to change policy in this area. However, many political and economic factors are at play that will greatly influence how this strategy is executed.
The SolarWinds Orion hack, which first came to light in December 2020, is suspected to be the biggest data breach of the US government in history. It has been followed by yet another audacious attack, uncovered in the Microsoft Exchange servers that power email communication around the world. Although the new president’s administration has avoided drastic changes to his predecessor’s cyber policies, these incidents reinforce the impetus for strengthening cyber defense from the federal level down.
Here are a few ways that the Biden administration is planning to change US cybersecurity policy and the developments that will drive these changes:
Cyber Policy Changes from Trump’s Term
Former President Trump deprioritized protecting cyberspace as a government initiative, eliminated roles and offices that oversaw cyber defense and diplomacy, and lost several officials in charge of driving cyber policies to political infighting over the course of the four-year term. Despite this, there were efforts by several members of the cabinet to revitalize a federal cyber defense program, including the creation of the Cybersecurity and Infrastructure Security Agency (CISA) in 2018. Yet this was one of the departments hardest hit by the turnover – even CISA’s director was fired after a public election fraud claim dispute.
At least since the SolarWinds hack came to light, Biden has worked to position himself as taking a much different approach, albeit without making too many explicit promises (yet). The new president has stressed a return to process and a procedural approach to fighting cybercrime and nation-state hackers, with consistent emphasis on the latter.
The Biden Cybersecurity Dream Team
Part of the refocused efforts on cybersecurity will include the hiring of a “dream team” of appointees with extensive experience in combating cyber threats and navigating the complexities of discreet cyberwarfare. Among this assortment are veterans of both the Trump and Obama administrations, including the leader of the response to the SolarWinds attack, Anne Neuberger, who serves in a newly created position. Congress has also passed legislation for the creation of a National Cyber Director, who will directly oversee policy in both the public and private sectors.
First SolarWinds Now Microsoft Exchange Email Servers Hacked
Biden’s cybersecurity team will have a lot to contend with no matter what form their jobs take, as this latest breach may dwarf the one that was uncovered in December. While the SolarWinds hack was estimated to affect at most 18,000 businesses, the Exchange attack could impact at least 30,000 organizations (the number continues to climb at the time of this writing), but “hundreds of thousands” of email servers were breached, according to multiple sources. The hackers seem to have purposefully waited until the situation on January 6, 2021, distracted the government to leverage bugs in a March 2020 patch.
Hackers Being Sponsored by Russia and China
Complicating the news of these two major cyber attacks are the accusations that their signatures can be traced to groups that are allegedly sponsored by rivals abroad. The SolarWinds breach has been attributed to Russian cyber spies, while one of the groups involved in the Microsoft email hack is believed to be employed by China. Additional revelations make the situation even worse, as it is now suspected that the former incident also included Chinese hackers working in tandem with Russia’s nation-state actors.
These disclosures have only reinforced the aggressive stance Biden’s team has communicated repeatedly regarding these two nations. Now, however, foreign policy will extend into cyber defense and diplomacy, and perhaps even cyberwarfare in response to the blatant espionage.
Biden VS Trump on Cybersecurity
Despite the more inflammatory sound bites, Biden’s interim policies on cybersecurity are similar to what the Trump team proposed in 2018; differences in wording aside, they focus on all but one of the same general points. The facilitation of direct government aid and involvement is the biggest differentiator between the two presidents’ cyber plans, followed distantly by the inclusion of Russia in the list of targeted enemies. It is also important to note that Neuberger herself is a holdover from the previous administration, and CISA and the State Department still retained some career officials with expertise in this area, so the continued course is at least partly due to the makeup of the current team.
However, this strategy can and should be expected to change – at least somewhat – in the face of various challenges. Even without a political need to separate itself from Trump’s policies, the new White House finds itself in a battle that could progress into full-blown cyberwarfare.
Presidential and Congressional Security Policies in Motion
Several proposals and bills are moving through the legislative process in response to the nation’s cybersecurity situation, and quite a few actions are already underway to combat the more immediate threats. Here is a list of all of those we have been able to find, compiled for your convenience:
- Plans to issue at least 8 additional executive orders addressing gaps made apparent by the SolarWinds hack
- $10 billion of funds included in the February COVID-19 relief package earmarked for investment in IT security
- Executive order directing federal agencies to conduct a two-part supply chain security review, with a mandated assessment of communication and information technologies
- New trade restrictions imposed on Chinese tech companies such as Huawei and ZTE
- Clandestine action to be taken against Russia, followed by the imposition of additional economic sanctions
- A bill proposed by Rep. John Katko (R-N.Y.) centralizing CISA’s role for incidents in industrial control systems (ICS) in the manufacturing sector
- Passage of The Internet of Things Cybersecurity Improvement Act in the House
- The Homeland and Cyber Threat Act proposal, which would allow alleged victims to take international hackers to court
Your Business Should Audit Your Cybersecurity
Time will tell how effective the Biden administration’s plans will be at combating these new cyber threats, but in the meantime, you must take whatever steps you can to enforce your own internal cybersecurity. The Cyber Cold War that has persisted is inevitably heating up, and businesses of every size in the US will be caught in the crossfire (and already have been). Even the smallest of organizations will be a legitimate target in this type of conflict, as the connected nature of networks means every piece contributes to the health of the overall system, and adversaries will be looking to do damage before tensions cool down again.
Contact SWK Technologies to Supplement Your Cyber Defense
SWK Technologies has a host of cyber threat protections available that empower you to create additional layers of defense against attack, from basic MFA to a military-grade SOC. Reach out to us ASAP to let us help you discover the level of cybersecurity you need to deploy to keep your business network secure, and prepare for whatever may happen in the future.
Contact SWK today to learn more about our cybersecurity services and how we can help you strengthen your cyber defense against all manner of threats.