Biden promises tough response to cyber attacks
President-elect promises that he "won't stand idly by" when nation-states hack US
President-elect Joe Biden has taken a stance on the recently discovered hack of US government and private sector systems, promising to hold adversaries accountable. In a statement issued by his transition team, Biden said he had already been briefed by government officials on the attack and would make dealing with it a priority when it took office.
Biden promised to strengthen partnerships with the private sector and expand investments in cyber security infrastructure, but he also hinted at a more hawkish cyber security approach.
"A good defense isn’t enough; we need to disrupt and deter our adversaries from undertaking significant cyber attacks in the first place," Biden said. "We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners. Our adversaries should know that, as President, I will not stand idly by in the face of cyber assaults on our nation."
In the last few days, government officials and private sector companies have discovered the scope of a massive cyber attack on US government and private sector systems. The attack, delivered via malicious code injected into SolarWinds' IT monitoring software, is ongoing, officials warned. In an update, Microsoft president Brad Smith called the incident, believed now to have been engineered by Russia, "an attack on the United States and its government and other critical institutions."
Biden has a tough job ahead of him. "This is big," said Sue Gordon, who served as principal deputy director of national intelligence in the Office of the Director of National Intelligence (DNI) until resigning from the position in August 2019, likening it to the Office of Personnel Management hack revealed in 2015. "Even bigger than that because this is public and private, and global," Gordon said, pointing out that the problem is ongoing. "This is not only problematic in terms of the information, but problematic in terms of getting rid of it."
President Trump remained silent on the hack this week. During his term as president, more than a third of his National Infrastructure Advisory Council members quit, citing "insufficient attention to the growing threats to the cybersecurity of the critical systems upon which all Americans depend."
Trump appointed Bush-era security advisor Tom Bossert to head up the administration's cyber security efforts, but the White House's John Bolton removed him in April 2018, leaving the position vacant.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
In 2018, senators announced the bipartisan Cyber Deterrence and Response Act that would have forced the president to act against overseas hackers found targeting the US or explain why he hadn't. However, lawmakers failed to pass the bill.
Danny Bradbury has been a print journalist specialising in technology since 1989 and a freelance writer since 1994. He has written for national publications on both sides of the Atlantic and has won awards for his investigative cybersecurity journalism work and his arts and culture writing.
Danny writes about many different technology issues for audiences ranging from consumers through to software developers and CIOs. He also ghostwrites articles for many C-suite business executives in the technology sector and has worked as a presenter for multiple webinars and podcasts.