The Biden administration is in a race against time to finalise and issue a comprehensive executive order aimed at bolstering US cybersecurity. This move comes in response to a string of high-profile breaches, including a recent hack targeting the US Treasury Department, which has been attributed to China.
According to sources familiar with the matter, the draft order has already cleared several internal hurdles and is nearing publication. It reflects lessons learned from multiple cyber incidents during President Joe Biden’s tenure, with a particular focus on strengthening identity authentication and encryption practices across government communications.
Treasury Department hack
The December hack of the Treasury Department highlighted vulnerabilities within the US government’s digital infrastructure. In this breach, a Chinese hacking group known as Silk Typhoon allegedly exploited a digital key stolen from BeyondTrust Inc., a third-party service provider. This allowed them to access unclassified documents stored on local devices, including information related to potential sanctions actions.
In response, the draft executive order mandates encryption of emails and cloud-stored documents to protect sensitive information. While hackers might gain access to systems, encryption would prevent them from opening or utilising critical documents.
Key measures in the draft order
The draft executive order outlines several key initiatives to enhance cybersecurity:
- Stronger authentication: Federal agencies will be required to adopt robust identity authentication measures, including multi-factor authentication and encryption.
- Cryptographic key security: Guidelines will be developed to better secure cryptographic keys used by cloud software contractors. These keys are critical for securing digital communications and are to be stored in hardware security modules—specialised devices designed to keep them safe.
- Improved software practices: The order seeks to ensure that federal software providers adhere to basic cybersecurity hygiene, such as fixing known vulnerabilities, using complex passwords, and employing multi-factor authentication.
The draft specifically criticises instances where software providers fail to address well-known vulnerabilities, leaving government systems exposed to potential compromise.
“In some instances, providers of software to the federal government commit to following cybersecurity practices, yet do not fix well-known exploitable vulnerabilities in their software, which puts the government at risk of compromise,” the draft states.
Trump’s incoming administration
Whether the incoming Trump administration will retain this executive order remains uncertain. President-elect Donald Trump has expressed a desire to reduce federal regulations and has already signalled intentions to repeal another Biden administration order that established safeguards for artificial intelligence.
Trump’s approach to cybersecurity regulation is likely to diverge significantly from Biden’s. While Biden has focused on expanding protections and accountability, Trump’s rhetoric has prioritised deregulation, raising questions about the longevity of this executive order.
Silk Typhoon and BeyondTrust breach
The Treasury breach underscores the evolving sophistication of state-sponsored hacking groups. Silk Typhoon’s ability to exploit a digital key from BeyondTrust Inc. exposed gaps in third-party service providers’ security practices.
The draft executive order includes measures aimed at addressing these vulnerabilities, requiring federal contractors to better manage access to sensitive information and secure cryptographic keys. By implementing these safeguards, the administration hopes to minimise risks associated with external service providers.
International implications
The cybersecurity breaches have far-reaching implications beyond US borders. The involvement of a Chinese hacking group highlights ongoing tensions between the two nations, particularly regarding economic and technological competition.
China has consistently denied involvement in cyberattacks, but incidents like the Treasury hack add to a growing list of allegations against state-sponsored groups. The US’s response, particularly through executive orders and strengthened cybersecurity measures, may influence future relations with China and other global players.
Challenges ahead
The Biden administration’s effort to finalise this executive order underscores the urgency of addressing cybersecurity threats. However, the transition to the Trump administration presents potential roadblocks.
Should Trump choose to repeal the order, federal agencies could face delays in implementing critical protections, leaving government systems vulnerable to further attacks. On the other hand, retaining the order could provide a foundation for improved cybersecurity practices under Trump’s leadership.
Conclusion
As the Biden administration nears the end of its tenure, its push to enhance US cybersecurity reflects the growing importance of digital defences in a world increasingly dominated by cyber threats. Whether these measures will remain intact under the new administration, however, is a question that only time will answer.
For now, the executive order represents a significant step toward addressing vulnerabilities exposed by recent breaches and safeguarding sensitive government information.