New Biden Cyber Strategy Takes Aim At China As ‘Most Persistent Threat’

Authored by Andrew Thornebrooke via The Epoch Times (emphasis ours),

The Biden administration’s new cybersecurity strategy takes aim at China’s communist regime and other authoritarian powers for subverting the international order through malign cyber activity.

President Joe Biden gives remarks before the start of a meeting with governors visiting from states around the country in the East Room of the White House in Washington on Feb. 10, 2023. (Anna Moneymaker/Getty Images)

The 2023 National Cyber Strategy, released on March 2, says that communist China and other regimes are attempting to export their own forms of authoritarianism through the use of technology.

“The governments of China, Russia, Iran, North Korea, and other autocratic states with revisionist intent are aggressively using advanced cyber capabilities to pursue objectives that run counter to our interests and broadly accepted international norms,” the strategy states.

“Their reckless disregard for the rule of law and human rights in cyberspace is threatening U.S. national security and economic prosperity.”

China in particular is threatening U.S. interests and dominating emerging technologies critical to global development with the intent of reshaping the world order, the document states.

“[China] now presents the broadest, most active, and most persistent threat to both government and private sector networks and is the only country with both the intent to reshape the international order and, increasingly, the economic, diplomatic, military, and technological power to do so.”

“Having successfully harnessed the Internet as the backbone of its surveillance state and influence capabilities, [China] is exporting its vision of digital authoritarianism, striving to shape the global Internet in its image and imperiling human rights beyond its borders.”

Whole-of-Government Approach to Counter China

Given the threat posed by authoritarian powers like the Chinese Communist Party (CCP), the strategy outlines an aggressive posture that the administration seeks to take defending the United States and its interests from foreign interference.

This new posture, according to the strategy, will integrate cyber, diplomatic, military, intelligence, law enforcement, and other capabilities to target threat actors and remove them from play.

“The United States will use all instruments of national power to disrupt and dismantle threat actors whose actions threaten our interests,” the strategy states.

“These efforts may integrate diplomatic, information, military (both kinetic and cyber), financial, intelligence, and law enforcement capabilities.”

Such integration will bring the United States’ cyber security strategy to more closely resemble the whole-of-society approach being implemented by China and other powers.

The purpose of such an expansive and integrated system, the document says, is to ensure that malign actors are “incapable of mounting sustained cyber-enabled campaigns that would threaten the national security or public safety of the United States.”

Likewise, the strategy seeks to expand the role of the federal government in other ways, including by taking a more assertive role in directing the market by federalizing some spending and increasing security regulations and liability laws.

The approach will focus on “shifting the burden for cybersecurity away from individuals, small businesses, and local governments,” the strategy states, as market forces are “inadequate” to impose the necessary costs on entities that introduce vulnerable products into the digital ecosystem.

‘Fundamental Changes’ to Digital Ecosystem

By making the digital ecosystem more “defensible,” “resilient,” and “values-aligned,” the strategy states, the United States can better defend itself and its partners while also offering an alternative to the authoritarian model of technological governance offered by regimes like the CCP.

To that end, the strategy is deliberately crafted as an evolution of the cyber framework first established by the Trump administration’s strategy in 2018 and “continues momentum on many of its priorities, including the collaborative defense of the digital ecosystem.”

As such, the strategy seeks to take a more aggressive stance on cyber threats to national security, and will now classify ransomware attacks as national security threats as opposed to mere criminal challenges, paving the way for a greater range of responses to such threats, including through coordination with international partners.

The strategy will likewise make fundamental changes to the minimum security requirements for technologies and systems used by vital sectors such as oil and natural gas pipelines, aviation, railways, and water systems.

Moreover, by leveraging international coalitions and partnerships among like-minded nations and working with allies on shared standards of security, reliability, and privacy, the strategy says, the United States can effectively counter the CCP and other malign actors while promoting a more free technosphere.

“We must make fundamental changes to the underlying dynamics of the digital ecosystem, shifting the advantage to its defenders and perpetually frustrating the forces that would threaten it,” the strategy states.

“People and technology are increasingly linked, further enabling the very best, as well as the worst, of humanity.”