Continual alerts on cyber threats from the Chinese Communist Party. On Tuesday, April 30th, President Biden updated a decades-old national policy to protect critical U.S. infrastructure sectors such as energy and financial services from foreign attacks.
The White House stated in a briefing that today, President Biden signed a National Security Memorandum (NSM) to ensure the safety of critical U.S. infrastructure and enhance its resilience. The NSM replaces a decade-old presidential policy document on protecting critical infrastructure and initiates comprehensive efforts to shield U.S. infrastructure from current and future threats and hazards.
Biden’s new policy largely revises the U.S. Critical Infrastructure Protection regulations issued by the Obama administration in 2013, known as PPD-21 Presidential Policy Directive.
The re-drafting of infrastructure policies from the Obama era began over a year ago, partly to modernize them and keep pace with the evolving tactics of hackers in the digital landscape.
According to CNBC, a senior government official stated in a phone briefing with reporters on Monday, “Since the release of PPD-21 in 2013, the threat environment has significantly changed, evolving from counterterrorism to strategic competition, technological advancements like artificial intelligence, and nation-state malicious cyber activities.”
Through the President’s Investing in America Agenda, the Biden-Harris administration announced $448 billion in funding from the bipartisan Infrastructure Law, with $50 billion specifically allocated for enhancing infrastructure resilience.
The core of the updated policy signed by Biden on Tuesday focuses on how federal agencies will collaborate in safeguarding American infrastructure.
FBI Director Christopher Wray has repeatedly warned Congress and the public about the imminent threat posed by Chinese hackers to U.S. power grids, water facilities, transportation systems, and more. In January, Wray announced the FBI dismantled a Chinese hacker group called “Volt Typhoon”.
The White House briefing stated that Biden directed the Department of Homeland Security to lead government-wide efforts in concert with the Cybersecurity and Infrastructure Security Agency (CISA) to mitigate such security risks. The Homeland Security Secretary will submit a report every two years to the President on these risk mitigation efforts.
The new policy also instructs U.S. intelligence agencies to share relevant information with private sector owners and operators in industries like transportation, water, and energy susceptible to attacks.
Although Biden seeks to ease tensions with China, the two nations have failed to reach consensus on several contentious issues, leading to unpredictable fluctuations in their strained relationship, particularly amid ongoing geopolitical upheavals.
The Biden administration has cautioned China against aiding Russia in invading Ukraine, warning of imminent sanction measures. Concurrently, amidst China’s persistent ambitions regarding Taiwan, the U.S. continues to provide military assistance to its Taiwanese ally.
With U.S.-China relations remaining volatile, security officials remain highly vigilant against cyber attacks from the Chinese Communist Party.
A senior government official stated to CNBC, “We are now realizing the serious threat China poses to our critical infrastructure.”
Biden’s new policy also aims to delineate CISA’s role in government cybersecurity networks. CISA was established in 2018, five years after the issuance of PPD-21.
Another senior government official mentioned, “The 2013 presidential policy directive did not address CISA’s role because we hadn’t formed it at that time.”