U.S. President Joe Biden signed a new national security memorandum on Tuesday, aiming to bolster the resilience of U.S. critical infrastructure against evolving threats, particularly those posed by Chinese hackers. The updated policy, which replaces the Obama administration's Presidential Policy Directive (PPD-21) from 2013, comes as public officials continue to sound the alarm on the growing cyberthreat landscape.
The White House stated that the new directive launches a "comprehensive effort to protect U.S. infrastructure against all threats and hazards, current and future." The memo empowers the Department of Homeland Security (DHS) to spearhead the government-wide effort to secure critical infrastructure sectors, such as energy, financial services, transportation, water, and sewage systems. The DHS Secretary will be responsible for submitting regular National Risk Management plans, summarizing the U.S. government's efforts to mitigate security risks.
"The policy is particularly relevant today, given continued disruptive ransomware attacks, cyber-attacks on U.S. water systems by our adversaries," said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA). The memo also aims to codify CISA's role in the government security network, as the agency was established in 2018, five years after the publication of PPD-21.
Concerns about the security of U.S. critical infrastructure have been on the rise, especially in light of recent revelations about advanced Chinese hacking groups targeting these sectors. In February, U.S. agencies warned that a group known as "Volt Typhoon" had been actively infiltrating the networks of aviation, rail, mass transit, highway, maritime, pipeline, water, and sewage organizations for up to half a decade.
FBI Director Christopher Wray has repeatedly cautioned congressmembers and the public about the imminent threat posed by Chinese hackers targeting the U.S. electrical grid, water plants, and transportation systems. In January, Wray announced that the FBI had neutralized a Chinese hacking group called 'Volt Typhoon' that was targeting hundreds of routers in homes and offices.
The widespread nature of these hacks has prompted a series of meetings between the White House and private technology industry, including several telecommunications and cloud computing companies, in which the U.S. government sought assistance in tracking the malicious activity.
Biden's memorandum directs the U.S. Intelligence Community "to collect, produce and share intelligence and information with federal departments and agencies, state and local partners, and the owners and operators of critical infrastructure." The policy also instructs intelligence agencies to declassify relevant information for private sector owners and operators within vulnerable infrastructure industries.
The White House acknowledged that "nation-state actors will continue to target American critical infrastructure - and tolerate or enable malicious activity conducted by non-state actors. In the event of crisis or conflict, America's adversaries may attempt to compromise our critical infrastructure."
Despite Biden's efforts to ease U.S.-China relations, tensions between the two superpowers remain in flux, given ongoing geopolitical challenges such as Russia's invasion of Ukraine and China's intentions regarding Taiwan. As U.S-China relations continue to evolve, security officials remain on high alert for potential Chinese cyberattacks.
The updated policy reflects the changing threat environment since PPD-21 was issued in 2013, shifting focus from counterterrorism to strategic competition and advancements in technology like artificial intelligence. By modernizing the infrastructure protection policy, the Biden administration aims to keep pace with hackers who have benefited from over a decade of technological advancement and to fortify the nation's critical infrastructure against the growing threat of foreign cyberattacks.
