State Department reportedly plans new cybersecurity office

New post will be part of a department overhaul to tackle global cybersecurity challenges, the Wall Street Journal reports.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Steven Musil
2 min read
Angela Lang/CNET

The US State Department plans to create a new bureau of cyberspace and digital policy as part of an overhaul to confront global cybersecurity challenges such as ransomware attacks, the Wall Street Journal reported Monday. The restructuring will also include creation of a separate position of special envoy for critical and emerging technology, the Journal reported, citing unidentified US officials.

The overhaul, expected to be announced next week, is the latest in a series of moves the Biden administration has made in recent months to respond to international cybersecurity problems, such has hacks of US government networks, election interference and theft of intellectual property.

In May, President Joe Biden issued an executive order aimed at improving US cybersecurity defenses in the wake of the crippling ransomware attack that forced the shutdown of a major US petroleum pipeline, leading to concern of widespread gas shortages along the East Coast. The criminal enterprise, which has since said it disbanded, is thought to be based in Russia.

The news comes as Microsoft said earlier Monday that the same Russian agency believed to be responsible for last year's massive SolarWinds cyberattack has targeted the computer networks of hundreds more companies and organizations in recent months. A tainted software update, which US intelligence agencies say likely originated in Russia, was used to gain access to the systems of thousands of SolarWinds customers, including federal agencies, major tech companies and hospitals. Russia has denied involvement.

A Senate report issued in August criticized several federal agencies for weak cybersecurity practices. Seven of the eight federal agencies reviewed by the Homeland Security and Governmental Affairs Committee had failed to implement baseline cybersecurity practices to protect personally identifiable information, creating a significant privacy and security risk for Americans' data. 

The State Department didn't immediately respond to a request for comment.