{"id":837,"date":"2021-04-27T10:06:24","date_gmt":"2021-04-27T10:06:24","guid":{"rendered":"http:\/\/biden-power-map.test\/?post_type=topic&p=837"},"modified":"2021-08-20T21:50:52","modified_gmt":"2021-08-20T21:50:52","slug":"cyber-tech","status":"publish","type":"topic","link":"https:\/\/biden-agenda.foreignpolicy.com\/topic\/cyber-tech\/","title":{"rendered":"Cyber & Tech"},"content":{"rendered":"\n

As cyber threats mount, including disinformation campaigns<\/a>, election interference, and hacks on critical services and technology<\/a>, the Biden administration has promised to make cybersecurity a top priority<\/a>. Through a series of executive orders, the former Trump administration made notable moves to develop standards for cybersecurity risk management across various industries<\/a>, expand domestic 5G<\/a> infrastructure, limit risks from foreign technology providers\u2014notably China\u2019s Huawei\u2014and expand the cyber-workforce<\/a>. But the former administration also appeared to undercut some of its own gains amid the progress. It eliminated<\/a> the cybersecurity coordinator role on the National Security Council (NSC), downgraded the Office of the Coordinator for Cyber Issues at the U.S. Department of State and fired the former director<\/a> of the Cybersecurity and Infrastructure Security Agency (CISA), Chris Krebs, as the former president doubled down on false claims of election interference. By the end of his term, in a survey conducted by Cybersecurity 2020, 71 percent<\/a> of cybersecurity professionals felt that the former administration had taken the U.S. in the wrong direction on cybersecurity.<\/p>\n\n\n\n

Following the SolarWinds<\/a> and Microsoft email server hacks<\/a>, considered the largest and most sophisticated cyberattacks ever perpetrated, the U.S.\u2019s cyber strategy has come under increasing scrutiny. The attacks highlighted weaknesses in the U.S. Cyber Command\u2019s \u201cdefend forward<\/a>\u201d approach, particularly as the intelligence community (IC) failed to detect the massive hack until a private company, FireEye, notified affected parties. Secretary of State Antony Blinken<\/a><\/strong> has pinpointed China, Russia, Iran, and North Korea as ongoing critical cyber threats<\/a> to the U.S. In July 2021, Australia, the EU, New Zealand, North Atlantic Treaty Organization (NATO) members, and Japan formally attributed<\/a> the Microsoft Exchange hack to China, and for the first time in seven years, the U.S. and its allies have published a cyber approach to hold nations accountable in cyberspace, including intelligence sharing on cyberthreats and collaboration on network defenses and security. In addition to China, U.S. Ambassador to Russia John Sullivan<\/a><\/strong> said<\/a> that while a majority of the focus has been on election interference, the U.S. faces a larger threat from aggressive cyber activity by elements of the Russian government. In a report<\/a> published by the Office of the Director of National Intelligence (ODNI), the IC raised concerns regarding Russian supply chain operations against U.S.-based IT firms and growing investments in research and development by China and Russia in emerging technologies such as computing, biotechnology, and artificial intelligence (AI), which the IC warns \u201ccan be economically, militarily, and socially destabilizing.\u201d<\/p>\n\n\n\n

With cyber and technology security increasingly characterizing Great Power competition<\/a> among China, Russia, and the U.S., President Biden has created new cyber-focused roles across the federal government. Former National Security Agency (NSA) Director of Cybersecurity Anne Neuberger<\/a><\/strong> is serving in a new position in the White House as Deputy National Security Advisor for Cyber and Emerging Technologies. Neuberger will join the National Security Council (NSC) in an advisory capacity<\/a> and will play a leading role in the government\u2019s investigation and response to the SolarWinds hack<\/a>. Such responses include sanctions that the administration has imposed on Russia for its alleged cyberespionage activities with respect to SolarWinds and efforts to disrupt<\/a> the U.S. election, as well as several executive orders that President Biden is preparing in order to address the country\u2019s cybersecurity shortcomings<\/a>. Through the 2021 National Defense Authorization Act (NDAA), Congress also created<\/a> the Office of the National Cyber Director (ONCD) within the Executive Office of the President. Chris Inglis<\/strong><\/strong><\/a>, a principal at WestExec Advisors who served as the former NSA deputy director, has been confirmed to the post as of June 2021.<\/p>\n\n\n\n

The national cyber director (NCD) will hold a seat on the NSC and will be the president\u2019s senior advisor on cybersecurity except for offensive and intelligence cyber-operations and programs. Working closely with Neuberger, National Security Advisor Jake Sullivan<\/a><\/strong>, and Biden\u2019s CISA director Jen Easterly<\/a><\/strong> will serve critical leadership roles in coordinating an integrated response by federal departments, agencies, and the private sector against cyberattacks and campaigns. Neuberger would play a key role in developing options to respond to an attack by a foreign adversary, potentially including offensive cyber-operations. Although President Biden criticized the Trump administration\u2019s handling of disinformation campaigns and cyberattacks, commenters note<\/a> that the Biden team will likely continue some of the previous administration\u2019s cyber and technology policies. Biden\u2019s endorsement of Trump\u2019s moves to replace Obama-era rules and give the military more freedom to conduct offensive<\/a> cyber-operations on adversaries is notable.<\/p>\n\n\n\n

Recognizing the scope of the threat and scale of the response required, President Biden is launching an \u201curgent initiative<\/a>\u201d to improve the nation\u2019s cyber capabilities, readiness, and resilience in cyberspace, ranging from federal investments to enhancing multi-stakeholder collaboration with allies and the private sector. As part of the $1.9 trillion COVID-19<\/a><\/strong> relief package, also known as the American Rescue Plan Act<\/a>, he has allocated billions of dollars in funds to federal agencies such as CISA, the General Services Administration (GSA), and the U.S. Digital Service to modernize federal cybersecurity mechanisms and support cyber-initiatives. In light of the slew of attacks on vital institutions, from schools and hospitals to electric utilities and agriculture, the administration is doubling down on cybersecurity, specifically the threats posed by ransomware. Following the Colonial Pipeline hacking, Biden signed an executive order aimed at bolstering U.S. cyber defenses<\/a>. One of the most significant components to the executive order is the requirement that all new software purchased by the government meet a certain standard of cybersecurity. Due to the government\u2019s immense buying power, these new standards could result in enhancements across the entire technology sector. The U.S. Department of Homeland Security\u2019s Transportation Security Administration has also signaled<\/a> intentions to issue a security directive that will require pipeline companies to report cyber-incidents to federal authorities and additional mandatory standards for how companies safeguard their systems against cyberattacks. Previously, the agency has only offered voluntary guidelines. The U.S. Department of State\u2019s Rewards for Justice (RFJ), which is administered by the Diplomatic Security Service, is now offering a reward<\/a> of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure. In August 2021, Easterly<\/a><\/strong> also announced the creation of the Joint Cyber Defense Collaborative (JCDC), a joint initiative with the private sector, including Amazon, Google, and Microsoft, which will work to prevent and reduce the impacts of cyber intrusions, as well as promote national resilience by coordinating actions to detect, deter, and respond to cyber activity targeting critical infrastructure.<\/p>\n\n\n\n

The threat to critical infrastructure was laid bare back in February after an attempt to affect chemical levels in a Florida water-treatment facility<\/a> and again when JBS, the world\u2019s largest meat company by sales, suffered<\/a> a ransomware attack that caused plants to shut down in North America and Australia, and the company to pay $11 million to the hackers. Chris Krebs has warned<\/a> that society was \u201con the cusp of a global digital pandemic,\u201d and FBI Director Christopher Wray<\/a><\/strong> asserted<\/a> that the rise of cybercrime has impacted the American security apparatus similar to the 9\/11 attacks. In response to the proliferation of ransomware attacks targeting critical sectors, the administration created<\/a> the Ransomware Task Force. Secretary of Transportation Peter Buttigieg<\/a><\/strong> has advocated for upgrades before Congress and stated<\/a> that cybersecurity is \u201ccentral to ensuring our country\u2019s economic security.\u201d Currently, the proposed infrastructure bill includes<\/a> $1 billion for state, local, and tribal governments to improve their cybersecurity infrastructure and $50 billion<\/a> for protecting the electrical grid against such attacks.<\/p>\n\n\n\n

Another core pillar of the administration\u2019s agenda as part of its climate change<\/a> <\/strong>efforts is to build sustainable infrastructure, which includes universal, reliable, and affordable high-speed internet access and secure 5G<\/a> networks across the country, particularly for lower-income urban and rural communities as part of its efforts to bridge the digital divide. The Biden and Trump administrations\u2019 efforts for domestic 5G infrastructures come on the heels of increasing security concerns that Huawei-made networks could allow the Chinese government to access data and spy on countries and companies. Although the Biden administration has not confirmed whether Huawei will remain on the U.S. Bureau of Industry and Security\u2019s (BIS) entity list following former President Trump\u2019s executive order<\/a> in 2019, Secretary of Commerce Gina Raimondo<\/a><\/strong> stated that she will \u201cuse the full toolkit<\/a> at [her] disposal to the fullest extent possible to protect Americans and [U.S.] networks from Chinese interference or any kind of back-door influence.\u201d Her comments signal that trade and technology tensions will likely continue from the previous administration throughout Biden\u2019s presidency. In June 2021, Biden signed an executive order replacing a Trump-era directive aimed at banning Chinese-owned mobile apps TikTok and WeChat. The former administration\u2019s executive order had been blocked<\/a> by a federal judge from implementing its rule on the apps, which the court ruled overstepped the administration\u2019s legal authority by being \u201carbitrary and capricious<\/a>.\u201d Biden\u2019s order is more expansive, prohibiting American companies<\/a> from investing in many large Chinese technology firms, including Huawei and Chinese mobile carriers, due to their ties to the Chinese military or the Chinese government\u2019s persecution<\/a> of the Uyghurs.<\/p>\n\n\n\n

Alongside modernizing U.S.-based infrastructure, Biden\u2019s team has also raised concerns regarding Big Tech and its role in the global cybersecurity ecosystem. The Trump administration began probing into major tech companies such as Amazon, Facebook, and Google\u2019s business practices, with the U.S. Department of Justice starting an antitrust investigation<\/a> of the corporations\u2019 activities in 2019. Likewise, U.S. allies are also investigating Big Tech for violations of antitrust regulations. As of June 2021, the EU had opened an investigation<\/a> of Google\u2019s advertisement business model, which it claims favors Google\u2019s own advertisement services over its competitors in an anticompetitive manner. As a candidate, Biden similarly stated that he is open to dismantling large tech companies, pointing out Facebook as \u201ca real problem<\/a>.\u201d Although both Trump and Biden each called for increased scrutiny<\/a> of tech companies\u2019 behaviors and influence in the information environment, they both have notably stopped short of directly demanding that the companies be broken up<\/a>.<\/p>\n\n\n\n

Questions have also arisen regarding content regulation as disinformation poses an increasing threat to democracies. As a \u201cweapon of mass distraction<\/a>,\u201d foreign state-sponsored disinformation campaigns primarily by China, Iran, and Russia have targeted the U.S. and its allies in an effort to sow political and social division, disrupt elections, and erode trust in accurate information sources. The lack of incentives for U.S. tech platforms to self-contain disinformation has led President Biden to call for Section 230 of the Communications Decency Act, which limits liability for tech companies to moderate content, to be revoked<\/a>. Simultaneously, concerns regarding global data governance<\/a> have also grown, with the European Union\u2019s General Data Protection Regulation (GDPR) and China\u2019s cybersecurity laws serving as two of the most comprehensive approaches to data privacy regulation. Absent U.S. decision-making on how to address Big Tech, regional regulations may govern U.S.-based companies, in terms of both content and data governance. To tackle these multifaceted issues, the Biden administration is appointing Big Tech critics<\/a> to influential positions across the federal government, such as Lina Khan<\/a><\/strong> to head the Federal Trade Commission and Tim Wu<\/a><\/strong> as special assistant to the president for technology and competition policy. Most recently, the FTC refiled<\/a> a lawsuit against Facebook, regarding the company\u2019s anti-competitive practices. Facebook has filed a petition for Khan to recuse herself from the case, stating that her work on the House investigation into platform monopolies shows a bias against the company. While there is no anticipation that Khan will recuse herself, the lawsuit is indicative of the harder stance the administration is adopting with respect to Big Tech and its efforts to rein in its influence in the digital ecosystem.<\/p>\n\n\n\n

Looking to the future and acknowledging the need for a highly trained workforce in order to strengthen U.S. defenses against growing sophisticated cyberattacks and operations, President Biden is investing in a diverse talent base through investments and increasing opportunities for women and minorities within the federal cyber and technology ecosystem. In 2015, then-Vice President Biden supported the establishment of the Department of Energy\u2019s Cybersecurity Workforce Pipeline Consortium and led a $25 million investment for cybersecurity education<\/a> at historically black colleges and universities (HBCUs). To continue fostering the talent needed to address modern cyber threats, the administration plans to broadly invest $70 billion in colleges and universities that play critical roles in their communities, such as HBCUs, tribal colleges and universities (TCUs), Hispanic-serving institutions (HSIs), and Asian American and Native American Pacific Islander-serving institutions (AANAPISIs). However, it is currently unclear how much of this funding will be directly geared toward cyber education and training. As a candidate, Biden also pledged to provide educational opportunities for women to pursue science, technology, engineering, and mathematics (STEM) careers by investing in school vocational training and partnerships among high schools, community colleges, and employers.<\/p>\n\n\n\n

The cyber arena remains largely bipartisan as Democrats and Republicans recognize the urgency to address cyber vulnerabilities and rein in Big Tech as well as the need to protect critical infrastructure, enhance U.S. cyber defenses, and build a strong cyber-workforce. Across the cyber and technological landscape, President Biden is urging collaboration across all government levels\u2014local, municipal, state, and federal\u2014and cooperation with partners and allies, particularly in Asia and Europe<\/a>, to tackle cyberthreats. At the Munich Security Conference in February 2021, President Biden called on European partners to address cybersecurity, expressing his desire for multilateral cooperation on the issue and promising to recommit U.S. international engagement to create and uphold global norms in cyberspace and emerging technologies<\/a>. Similarly, in March 2021, Australia, India, Japan, and the U.S., collectively known as the Quadrilateral Security Dialogue, asserted their cooperation on establishing international standards and initiatives with respect to emerging and critical technology (particularly 5G and AI) and enhancing cybersecurity as a means to combat China\u2019s growing economic and technological influence in the region. In April 2021, National Security Advisor Jake Sullivan<\/a><\/strong> signaled the administration\u2019s support for new EU restrictions on how companies can use AI<\/a> and pointed to Australia as a key ally with which to tackle cybersecurity<\/a>, suggesting that the administration is eager to cooperate with allies and leverage existing alliances such as the Five Eyes (Australia, Canada, New Zealand, the U.K., and the U.S.) to address global threats to cyber and technology security. To that end, the Biden administration and the EU plan to form<\/a> a new EU-U.S. Trade and Technology Council (TTC) to combat China\u2019s growing dominance in the technology and trade sectors. The alliance plans to address issues ranging from tech supply chains to investments in digital projects. In its interim national security guidance<\/a>, the Biden team identifies cyberattacks and digital authoritarianism as key threats to democracies worldwide, and cyber and technology challenges were a central issue at the 2021 Copenhagen Democracy Summit<\/a>. The ability of technology to bolster democratic institutions was also a key component of the summit, however, the event was notably funded in part by Facebook, Microsoft, and Twitter. Still, the administration will face myriad obstacles addressing the evolving threat while balancing the rest of its foreign policy priorities, particularly COVID-19<\/strong><\/a> and climate change<\/strong><\/a>.<\/p>\n\n\n\n\t

\n\t\t\t\t\n\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\tPresident Biden\u2019s Initiatives in Cyber and Technology\t\t\t\t\t<\/h5>\n\t\t\t\t\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
Economic Investments<\/h6>\n