A version of this story appeared in the daily Threat Status newsletter from The Washington Times. Click here to receive Threat Status delivered directly to your inbox each weekday.
President Biden on Tuesday signed a national security memorandum laying out an updated, government-wide plan to protect critical American infrastructure in the face of growing cyberthreats posed by China, Russia and other U.S. adversaries.
The document, senior administration officials said, is the culmination of a process that began over a year ago. It gathered input from agencies across the federal government and the private owners and operators who manage communications equipment, transportation, water systems, dams and other systems crucial to modern everyday life. Those systems are so central to U.S. society, the White House said, that they are an increasingly appealing target.
“Critical infrastructure comprises the physical and virtual assets and systems so vital to the nation that their incapacity or destruction would have a debilitating impact on national security, national economic security or national public health or safety,” reads a portion of the memo signed by Mr. Biden.
“The United States also faces an era of strategic competition with nation-state actors who target American critical infrastructure and tolerate or enable malicious actions conducted by non-state actors. Adversaries target our critical infrastructure using licit and illicit means,” the memo says. “In the event of crisis or conflict, the nation’s adversaries will also likely increase their efforts to compromise critical infrastructure to undermine the will of the American public and jeopardize the projection of United States military power.”
The updated federal strategy comes at a pivotal moment after multiple high-profile attacks on infrastructure sectors by U.S. enemies. Such attacks seem likely to continue. FBI Director Christopher A. Wray warned earlier this month that American adversaries, in particular China, intend to “land low blows against civilian infrastructure to try to induce panic and break America’s will to resist.”
Iran and North Korea have also been accused of being behind cyberattacks targeting American infrastructure systems.
With alarm bells ringing in national security circles about the vulnerability of U.S. infrastructure, officials said it was time for an updated plan to guard the nation’s most vital assets.
“The threat environment has changed significantly” since the last government-wide infrastructure memorandum was issued in 2013 by then-President Obama, a senior administration official told reports on a conference call Monday.
Another official said there is no longer any doubt that critical infrastructure is at risk.
“In the event of crises or conflict, we know America’s adversaries may attempt to compromise our critical infrastructure,” the official said. “Resilience, particularly for our most sensitive assets and systems, is the cornerstone of homeland defense and security.”
Mr. Biden’s memorandum applies to all 16 “critical infrastructure sectors” defined by the federal government. They include communications, the chemical sector, manufacturing, the defense industrial base, energy, emergency services, financial services, health care, water and food systems and transportation. The Department of Homeland Security will lead the government-wide effort.
Officials said that DHS will produce a biennial “national risk management plan” that summarizes current risks to U.S. infrastructure. The American intelligence community will then collect and share information with the owners and operators of such critical infrastructure, including private companies, local governments and other stakeholders.
Those entities are “the first line of defense against adversaries” targeting infrastructure, a senior administration official told reporters on Monday’s conference call.
The new government memorandum will also lay out baseline security standards for each of the 16 infrastructure sectors. To ensure all stakeholders have the information they need about current and future threats, officials said the federal government has prioritized the declassification of federal intelligence and data when appropriate, and will hold classified briefings with operators when necessary.
Vulnerable
Threats to American infrastructure have long been a top priority for the FBI and other arms of the federal government. But never before has the scope of the threat, and its potential repercussions for U.S. society as a whole, been so clear. The past several months have brought a host of eye-opening examples of just how vulnerable the country may be.
Last month, a Singapore-flagged container ship crashed into the Francis Scott Key Bridge in Baltimore, temporarily shutting down one of the country’s busiest and most logistically important ports. While an accident with no connection to terrorism, authorities said, the incident cast a bright spotlight on just how quickly — and from an enemy’s perspective, how simply — American bridges, ports and maritime traffic could be shut down.
Other recent incidents are perhaps even greater cause for alarm.
A January cyberattack on the water system of Hale, a small town in the rural Texas panhandle, was linked to a group of Russian hackers. The group, calling itself the Cyber Army of Russia Reborn, claimed responsibility.
Last December, U.S. officials said that Iran-linked hackers also had targeted U.S. water systems, including sites in western Pennsylvania, along with targets across the American health care industry. Russia-linked hackers also claimed responsibility for an attack earlier this month on a wastewater treatment plant in rural Indiana, according to media reports.
Perhaps the greatest threats come from the People’s Republic of China, which is already believed to be responsible for a host of cyberattacks against U.S. and allied targets. Last month, the U.S. government imposed new economic sanctions on a Chinese company linked to Beijing’s Ministry of State Security spy service, accusing the firm of conducting cyberattacks against critical U.S. infrastructure.
Federal law enforcement officials say the worst may be yet to come.
Hackers groups with links to China‘s Communist regime are suspected of already having infiltrated many key public and private U.S. networks, “lurking” for now but prepared to mobilize should a direct conflict with the U.S. break out. Beijing, for its part, says it is the U.S. intelligence community that operates the world’s biggest and most sophisticated cyberattack operation.
“The PRC has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate on the world stage, and that its plan is to land low blows against civilian infrastructure to try to induce panic and break America’s will to resist,” the FBI director said earlier this month during a speech at the Vanderbilt Summit on Modern Conflict and Emerging Threats in Nashville.
“The fact is, the PRC’s targeting of our critical infrastructure is both broad and unrelenting,” Mr. Wray said.
