Security Experts:

Connect with us

Hi, what are you looking for?



US National Cyber Strategy Pushes Regulation, Aggressive Hack-Back Operations

The U.S. government is set to green-light a more aggressive ‘hack-back’ approach to dealing with foreign adversaries and mandatory regulation of critical infrastructure vendors.

White House cybersecurity budget

The U.S. government is set to release a cybersecurity strategy document that approves mandatory regulations on critical infrastructure vendors and green-lights a more aggressive ‘hack-back’ approach to dealing with foreign adversaries.

According to early reporting on the strategy document making the rounds in Washington, the Biden administration is mulling over the final details of a 35-page National Cybersecurity Strategy that will use regulation to “level the playing field” in national security.

“[While] voluntary approaches to critical infrastructure cybersecurity have produced meaningful improvements, the lack of mandatory requirements has too often resulted in inconsistent and, in many cases inadequate, outcomes,” the document argues, calling for a dramatic shift of liability “onto those entities that fail to take reasonable precautions to secure their software.” 

The strategy, created by the Office of the National Cyber Director (ONCD), also gives high-level authorization to law enforcement and intelligence agencies to hack into foreign networks to prevent attacks or to retaliate against APT campaigns.

According to a draft copy seen by Slate, the aggressive strategy is meant to preemptively “disrupt and dismantle” hostile networks by authorizing U.S. defense, intelligence, and law enforcement agencies to hack into the computer networks of criminals and foreign governments. 

“Our goal is to make malicious actors incapable of mounting sustained cyber-enabled campaigns that would threaten the national security or public safety of the United States,” the document states in a section titled “Disrupt and Dismantle Threat Activities,” according to Slate.

The strategy document goes deeper, assigning the work to the FBI’s National Cyber Investigative Joint Task Force working in tandem with all relevant U.S. agencies.  It said private companies will be “full partners” to issue early warnings and help repel cyberattacks.

The strategy is expected to be signed by President Biden “in the coming weeks.”

Related: Chris Inglis Steps Down as US National Cyber Director

Related: Biden Signs Two Cybersecurity Bills Into Law

Related: The AP Interview: Justice Dept. Conducting Cyber Crackdown

Related: Biden, Tech Leaders Eye ‘Concrete Steps’ to Boost Cybersecurity

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


The United States blacklisted six Chinese entities it said were linked to Beijing's aerospace programs as part of its retaliation over an alleged Chinese...


ENISA and CERT-EU warn of Chinese threat actors targeting businesses and government organizations in the European Union.


Microsoft blames a “Russian-based threat actor” for in-the-wild attacks hitting its flagship Microsoft Outlook and has released a detection script to help defenders.


FBI says a North Korea-linked threat group known as Lazarus and APT38 is behind the $100 million Horizon bridge cryptocurrency heist.


A China-linked hackers are exploiting a vulnerability (CVE-2022-42475 ) in Fortinet FortiOS SSL-VPN, Mandiant claims.