Biden pledges robust response to cyber crisis 'from the moment we take office'
- Oops!Something went wrong.Please try again later.
President-elect Joe Biden on Thursday promised a strong response to the newly revealed, highly sophisticated cyber espionage campaign that has stoked alarm throughout the federal government — even as President Donald Trump remains silent about the latest suspected provocation from Russia.
“My administration will make cybersecurity a top priority at every level of government,” Biden said in a statement, “and we will make dealing with this breach a top priority from the moment we take office.”
The president-elect added that he had instructed transition advisers “to learn as much as we can about this breach” and commended the civil servants who are examining federal networks to determine the extent of the hacks.
Government officials have briefed the transition team about the attacks, including on Monday during a meeting with personnel from the FBI and other agencies, according to a U.S. official, who requested anonymity to discuss internal matters.
What he promised: Biden’s statement marked a contrast with Trump’s silence on the monthslong cyber campaign, which U.S. officials believe is the work of a Russian intelligence service.
In the statement, Biden vowed to “elevate cybersecurity as an imperative across the government,” improve ties with the private-sector entities that own much of the nation’s critical infrastructure, and boost funding and workforce training efforts to build stronger digital defenses.
He also committed to a deterrence posture that will include “imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.”
“Our adversaries should know that, as President, I will not stand idly by in the face of cyber assaults on our nation,” Biden said.
What he didn’t say: Despite constituting his most extensive remarks on cybersecurity to date, Biden’s statement stuck to generalities and did not clarify how he views key cyber issues.
For example, Biden did not say what he thinks of the Trump administration’s “defend forward” strategy, in which U.S. Cyber Command tries to engage adversaries before they hit U.S. networks. Some observers have questioned the value of that strategy after it became clear that it did not prevent the recently discovered breaches.
Biden also did not specify how his approach to imposing costs on adversaries for cyber aggression would differ from that of the Trump administration, which has sanctioned and prosecuted nation-state hackers and exposed their malware to neutralize it.
Also left unsaid in Biden’s statement was how, as president, he will distinguish between traditional espionage operations such as the ongoing breach and destructive attacks such as the 2017 NotPetya malware outbreak that wrecked the computer systems of major global companies. The U.S. and its allies regularly try to penetrate the networks of government agencies in countries such as Russia and China.
And while Biden promised to “elevate” the importance of cybersecurity within the government, he did not say how he would do this. Biden has not weighed in on the national cyber director position that lawmakers included in the fiscal 2021 defense policy bill, nor has he indicated whether he would support the government reorganization proposals in a recent report by the congressionally created Cyberspace Solarium Commission, such as the creation of a new State Department cyber bureau.
Evolving crisis: New information continues to trickle out about the wide-ranging cyber campaign. On Thursday, CISA confirmed that the hackers had used multiple intrusion techniques beyond simply infecting software updates for an outside vendor's IT monitoring program.
And at the same time that Biden issued his statement, top House Democrats asked Trump administration officials for damage assessments “as soon as practicable.”
