President Biden will sign an executive order on Thursday intended to boost the privacy of Americans amid continued cyberattacks against the U.S.
“Adversary countries and criminals have increasingly targeted the U.S. government, corporations and individual Americans with cyberattacks that disrupt critical services, businesses and individual lives, costing billions of dollars as well as damages,” a senior administration official told reporters on a call Wednesday previewing the order.
The executive order lays out a series of initiatives to help the federal government defend against cyber attacks that threaten the privacy of Americans’ digital identities.
The National Security Council (NSC) acknowledged on Wednesday the U.S. “stands alone” among major economies when it comes to the country’s digital identity infrastructure. Americans encounter about $56 billion in fraud each year, the NSC said.
Part of the executive order will lower the bar for sanctions imposed by the U.S. government to punish cyber attackers.
“The goal is to make it costlier and harder for China, Russia, Iran and ransomware criminals to hack and to also signal that America means business when it comes to protecting our nation, from our economy and employment to infrastructure and innovation,” the administration official said, adding later, “It means more tools to publish them, to publicly name, sanction and penalize these individuals, whether they’re working independently or for [a] foreign government.”
The order will also speed up the rollout of private-sector technology to increase government efficiency and reduce fraud. It promotes the use of “privacy-preserving digital identity documents” like mobile driver licenses and the launch of an early-warning fraud pilot that will notify Americans of potential fraud incidents involving their public benefits and payments, the NSC said.
It also establishes new requirements for software providers for the U.S. government.
It comes just weeks after the Treasury Department informed lawmakers Chinese state-sponsored actors hacked into the agency early last month and stole a key from a third-party software service provider.
Building upon Biden’s first cyber executive order, in which federal agencies were required to implement new practices to protect themselves from cyberattacks, Thursday’s order will further this goal by advancing the use of modern technologies that are resistant to phishing in federal agencies.
It will also promote the visibility of attack activity across government agencies for the Cybersecurity and Infrastructure Agency (CISA) to more efficiently do its job.
“If we find one particular technique that a foreign government has used to hack one particular federal agency, this now tasks CISA and invites CISA centralized visibility to hunt across all agency systems to ensure we’re defending against this attack broadly,” the administration official said.
In addition, the development and use of artificial intelligence (AI) will also be accelerated under the order, along with further research of AI-based cybersecurity tools and post-quantum technologies.
The component echoes that of Biden’s national security memorandum issued last October, which encouraged government agencies to seize on the most advanced AI systems to boost national security.
The order additionally brings attention to the protection of space-based systems, pointing to the devastation from Russia’s attack on Ukraine’s military satellite communications system ahead of its invasion of Ukraine in 2022.
Numerous foreign adversaries carried out hacking operations in the U.S. last year, further raising alarm about the country’s ability to fend off such attacks.
Among the attacks was the unprecedented “Salt Typhoon,” operation, during which China-backed actors hacked into more than half a dozen telecom firms in the U.S.
Among those targeted in the Salt Typhoon hacks were some involved in the government or political activities, officials said earlier this year. While officials have not revealed exactly how many were targeted, President-elect Trump and Vice President-elect Vance were among the phones reportedly targeted.
The highly anticipated order comes at the tail-end of the Biden administration and follows two AI-related orders issued by the president earlier this week. It remains unclear whether Trump will choose to keep or repeal Thursday’s order when he is sworn back into the Oval Office next week.
