Biden releases proclamation on increasing cybersecurity awareness from ransomware, other attacks

U.S. President Joe Biden released a proclamation on the occasion of cybersecurity awareness month to highlight the importance of safeguarding the nation’s critical infrastructure from malicious cyber activity and protecting citizens and businesses from ransomware and other attacks. Additionally, the move looks toward raising awareness about the simple steps Americans can take to secure their sensitive data and stay safe online.

In his proclamation, President Biden called upon “people, businesses, and institutions of the United States to recognize the importance of cybersecurity, to take action to better protect yourselves against cyber threats, and to observe Cybersecurity Awareness Month in support of our national security and resilience.”

Pointing out that cybersecurity is not limited to government or critical infrastructure, President Biden said that hackers target Americans every day, and cybersecurity is about protecting the American people and the services they rely on. “By destroying, corrupting, or stealing information from our computer systems and networks, they can impact electric grids and fuel pipelines, hospitals and police departments, businesses and schools, and many other critical services that Americans trust and rely on every day.” 

The U.S. has traditionally observed the month of October as the ‘National Cybersecurity Awareness Month (NCSAM)’ since 2003 to remind and nudge industrial and manufacturing stakeholders, including supply chain vendors, to pause and analyze their cybersecurity environment. The intention behind this is to drive organizations to analyze their cyber security awareness and carry out necessary measures that will help to streamline and update their cybersecurity posture.

The Biden administration has adopted various measures to shield the nation from cyberattacks and improve its defenses against these adversarial attacks. 

“Last year, I signed an Executive Order to modernize the Federal Government’s cybersecurity defenses and create a standard playbook for Federal agencies to better identify and mitigate cyber threats and to respond quickly and effectively when they are attacked,” President Biden said. “It also improves Federal information security by establishing robust security standards for software purchased by the Government, which in turn raises the standard of cybersecurity in software products sold to the American people. My Administration is using the enormous purchasing power of the Federal Government to move the market standard to better protect Americans.” 

Clearly, the government cannot meet the nation’s cyber resilience goals alone. “The private sector owns and operates much of our Nation’s critical infrastructure, and my Administration is committed to partnering with private industry to keep the public safe,” President Biden said. “We have required minimum cybersecurity standards for vital sectors of the American economy, including new security directives issued by the Transportation Security Administration to strengthen our transportation sector and associated infrastructure.” 

The President also cited the Bipartisan Infrastructure Law, through which the government invests in cybersecurity as a critical component in everything built, from bridges to the electrical grid. “We will also continue exchanging information with private industry about cyber threats so they can keep strengthening their defenses and ensure that the critical services they provide to the American people stay up and running,” he added.

President Biden said that the challenges require urgency and cooperation around the globe. “That is why we are also joining with our international partners to hold malicious cyber actors accountable for their disruptive and destabilizing cyber-attacks and to make it harder for them to conduct damaging activities. My Administration’s international Counter-Ransomware Initiative brings together more than 30 countries spanning 13 time zones to disrupt malicious cyber activity around the world,” he added.

“This month, I encourage all Americans to increase their cybersecurity at home, at work, and in schools by taking steps such as enabling multi-factor authentication, using a trusted password manager and strong passwords, recognizing and reporting phishing, and updating their software regularly. As the threat of malicious cyber activities grows, we must all do our part to keep our Nation safe and secure,” he added.

The Federal Bureau of Investigation (FBI) and its partner agencies called upon stakeholders to practice good cyber hygiene and be aware of common online threats. The agency listed common cyber red flags, cyber safety tips, cyber threats, and how these evolving threats can be combated. 

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally. With the CISA Cybersecurity Awareness Program national public awareness effort, CISA looks to increase the understanding of cyber threats and empower the American public to be safer and more secure online.

The CISA cybersecurity awareness program is part of an effort among federal and state governments, industry, and non-profit organizations to promote safe online behavior and practices. It is a public-private partnership implemented in coordination with the NCA. This year’s campaign theme, ‘See Yourself in Cyber,’ showcases that while cybersecurity may seem like a complex subject, it ultimately boils down to people. 

CISA called upon stakeholders to focus on the ‘people’ part of cybersecurity, providing information and resources to help educate CISA partners and the public, and ensure all individuals and organizations make smart decisions. The agency also encouraged stakeholders to engage in this year’s efforts by creating cybersecurity awareness campaigns and sharing the message with peers. It suggests thinking before clicking to recognize and report phishing, updating software, using strong passwords, and enabling multi-factor authentication.

Just as the U.S. enters cybersecurity awareness month, a PricewaterhouseCoopers (PwC) executive reportedly told CNN that an elite Chinese hacking group with ties to operatives indicted by a U.S. grand jury in 2020 has surged its activity this year. The group has targeted sensitive data held by companies and government agencies in the U.S. and dozens of other countries.

One of the Chinese groups tracked by PwC has targeted dozens of U.S. organizations in the last year, including government agencies and software or tech firms, Kris McConkey, who leads PwC’s global cyber threat intelligence practice, told CNN. The intruders often comb networks for data that could offer insights into foreign or trade policy, he said, but also dabble in cryptocurrency schemes for personal profit. 

He declined to detail the types of U.S. government agencies targeted at the federal, state, or local levels.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.