Colin Thierry
Published on: April 1, 2022

US President Joe Biden had extended the state of national emergency in a notice yesterday in order to deal with increasingly widespread and severe malicious cyber threats to the United States national security, foreign policy, and economy.

The national emergency was first declared on April 1, 2015, by former President Barack Obama through Executive Order 13694. This executive order also sanctioned the individuals coordinating or contributing to cyberattacks against the US.

On December 28, 2016, Obama issued Executive Order 13757 to amend E.O. 13694 due to malicious cyber attacks being used to undermine democratic processes and institutions.

In the context of E.O. 13694, cyber-enabled malicious activity includes critical infrastructure breaches, denial of service attacks, and data theft incidents that pose a significant threat to US national security, foreign policy, economic health, or financial stability.

“Significant malicious cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States continue to pose an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States,” President Biden said.

“Therefore, I have determined that it is necessary to continue the national emergency declared in Executive Order 13694 with respect to significant malicious cyber-enabled activities,” he added.

Biden’s notice extended the national emergency declared in E.O. 13694 to continue to be in effect beyond April 1, 2022, under section 202(d) of the National Emergencies Act.

CISA Warning

The Biden administration’s decision follows a “SHIELDS UP!” warning issued by the Cybersecurity and Infrastructure Security Agency (CISA) for all US organizations, urging them to take proactive measures in order to defend their networks.

“Russia’s invasion of Ukraine could impact organizations both within and beyond the region, to include malicious cyber activity against the U.S. homeland, including as a response to the unprecedented economic costs imposed on Russia by the U.S. and our allies and partners,” CISA said.

“Evolving intelligence indicates that the Russian Government is exploring options for potential cyberattacks. Every organization—large and small—must be prepared to respond to disruptive cyber incidents,” the agency added.

In Feb, CISA and the FBI also warned US organizations about data wiping attacks on Ukraine that could spill over to targets from other countries.

This joint advisory closely followed the news of malware attacks targeting Ukraine with HermeticWiper malware and ransomware decoys aimed to destroy data and render targeted devices unbootable.