US Executive Order Aims To Shore Up Cyber-Defences

The outgoing Joe Biden administration is aiming to boost US defences against cyber-attacks, such as the multiple China-linked incidents that have beset the government and the country’s critical infrastructure in recent months, with an executive order set to be released in the final days before Biden leaves office on 19 January.

The order, initially expected to be released last week, was delayed, and experts suggested the Biden team might be trying to make it more acceptable to the incoming administration.

A draft seen by media outlets showed that the order sought to augment the role of the Cybersecurity and Infrastructure Security Agency (CISA) as the government’s lead on federal civilian cybersecurity, as it seeks to create tighter computer security standards for federal agencies and contractors.


Secure development

The agency has attracted criticism from Republicans due to its role in combating election fraud and disinformation, and they have promised to reduce its role and introduce budget cuts.

Deputy National Security Advisor for Cybersecurity Anne Neuberger said at a press conference last week that the order aims to give the next administration “the best possible foundation” for national cybersecurity, but president-elect Donald Trump may discard it once he takes office.

The cyber-attacks allegedly linked to China in recent months have targeted critical infrastructure, government emails, major telecommunications companies and, in late December, US Treasury workstations.

China has denied involvement in the hacks.

The executive order includes calls for more rigorous standards for secure software development, the ability to verify the standards have been met and a process for CISA to evaluate the process, the draft says.

Government email attacks

Vendors must provide documentation on their secure development processes for validation by CISA through its software attestation programme, and those that fail validation could be referred to the attorney general for action.

The order also mandates guidelines to securely manage access tokens and cryptographic keys used by cloud providers.

Such keys were used by Chinese-linked hackers to access US government email accounts in May of 2023, Microsoft said.

Matthew Broersma

Matt Broersma is a long-standing tech freelance who has worked for Ziff-Davis, ZDNet and other leading publications.
