U.S. President Joe Biden plans to issue a new executive order in the coming days to strengthen cybersecurity for federal agencies and contractors.
The move aims to address repeated cyberattacks linked to Chinese hackers and cybercriminal groups, according to a draft of the order cited by Reuters.
The order comes as Biden’s presidency nears its end and follows several high-profile cyberattacks on U.S. critical infrastructure, government emails, telecom companies, and the Treasury Department. While the U.S. government and cybersecurity experts blame China for these hacks, Beijing denies the accusations.
The proposal calls for stricter rules on secure software development and a way to ensure these rules are followed. The Cybersecurity and Infrastructure Security Agency (CISA) will evaluate compliance through its software attestation program.
Vendors who fail to meet the standards may face legal action from the attorney general, the draft states.
The order also requires creating guidelines to better manage access tokens and cryptographic keys used by cloud services. Hackers linked to China used this method to access email accounts of top U.S. officials in May 2023, according to Microsoft.
