Already a subscriber? Make sure to log into your account before viewing this content. You can access your account by hitting the “login” button on the top right corner. Still unable to see the content after signing in? Make sure your card on file is up-to-date.

President Biden has signed a new executive order to strengthen America’s cybersecurity defenses amid a notable increase in cyberattacks targeting US companies and the government.

Some shit you should know before you read: Over the last four years, the United States has faced a significant surge in cyberattacks targeting critical infrastructure and government agencies, marking a sharp escalation in both frequency and severity compared to previous years. Recent incidents include the “Salt Typhoon” operation, where China-backed hackers infiltrated multiple US telecommunications providers. In addition, Chinese state-sponsored hackers recently breached the US Treasury Department and exploited vulnerabilities in third-party software to steal sensitive encryption keys. US officials have repeatedly warned that China is working to embed itself within critical infrastructure, such as energy grids and telecommunications networks, with the strategic intent of gaining the ability to disrupt essential systems during a military confrontation—such as a potential US response to a Chinese invasion of Taiwan.  

What’s going on now: In an announcement by the White House, President Biden unveiled an executive order designed to strengthen the United States’ cybersecurity defenses against growing threats to critical infrastructure and government systems. The order introduces a range of measures to modernize security practices across federal agencies, secure supply chains, and encourage the adoption of advanced technologies like artificial intelligence and quantum-resistant cryptography. A cornerstone of the order is the requirement for all software vendors working with the federal government to demonstrate compliance with secure development standards, with validation overseen by the National Institute of Standards and Technology (NIST). This provision aims to mitigate risks posed by compromised software, which has been a key entry point in several high-profile cyberattacks.

Anne Neuberger, Biden’s outgoing Deputy National Security Advisor for Cyber and Emerging Technology, said, “The goal is to make it costlier and harder for China, Russia, Iran and ransomware criminals to hack, and to also signal that America means business when it comes to protecting our businesses and our citizens. It means more tools to publish them, to publicly name, sanction and penalize these individuals, whether they’re working independently or for [a] foreign government.”

In addition, the Cybersecurity and Infrastructure Security Agency (CISA) will receive expanded authority to track and mitigate vulnerabilities across all federal systems, enabling a more centralized response to cyber threats. The order also lowers the threshold for imposing sanctions on cybercriminals and state-sponsored actors, sending a clear message to adversaries such as China, Russia, and ransomware groups that targeting US infrastructure will result in significant consequences.

This all comes as China and other adversaries have consistently denied allegations of targeting the United States through cyberattacks, instead accusing the US of fabricating claims to “stoke” tensions and justify aggressive cybersecurity policies. Chinese officials have openly suggested that the US government is using cybersecurity as a pretext to frame China as a threat, potentially to justify heightened military and economic measures against the country. Despite these denials, US officials and companies maintain that China has been systematically targeting and embedding itself within critical American infrastructure.