The Biden administration on Thursday released a plan for improving the nation's cybersecurity by shifting the burden from individuals, small businesses, and local governments to federal agencies and major tech providers.
"We must rebalance the responsibility to defend cyberspace by shifting the burden for cybersecurity away from individuals, small businesses, and local governments, and onto the organizations that are most capable and best-positioned to reduce risks for all of us," the White House said in a press briefing.
The administration stressed that the problem demands a "more intentional, more coordinated, and more well-resourced approach to cyber defense," and that the U.S. faces a "complex threat environment, with state and non-state actors developing and executing novel campaigns to threaten our interests."
The plan calls for a combination of active federal efforts to defend critical infrastructure and "disrupt and dismantle threat actors" while also supporting the private sector's efforts to develop the country's digital ecosystem and investing in the research and development of new tools.
One specific change is that ransomware attacks will be classified as a threat to national security rather than just a criminal action, opening up the possibility of the federal government using its intelligence and defense capabilities to combat the practice.
“Our goal is to make malicious actors incapable of mounting sustained cyber-enabled campaigns that would threaten the national security or public safety of the United States,” the strategy document said