Biggest tech fails of 2021 COVID vaccine mandate for health care workers blocked COVID variants: omicron vs. delta YouTube's 10 most-viewed videos uploaded in 2021 Spotify Wrapped 2021 arrives PS5 restock tracker

State Department reportedly plans new cybersecurity office

New post will be part of a department overhaul to tackle global cybersecurity challenges, the Wall Street Journal reports.

cybersecurity-2531
Angela Lang/CNET

The US State Department plans to create a new bureau of cyberspace and digital policy as part of an overhaul to confront global cybersecurity challenges such as ransomware attacks, the Wall Street Journal reported Monday. The restructuring will also include creation of a separate position of special envoy for critical and emerging technology, the Journal reported, citing unidentified US officials.

The overhaul, expected to be announced next week, is the latest in a series of moves the Biden administration has made in recent months to respond to international cybersecurity problems, such has hacks of US government networks, election interference and theft of intellectual property.

In May, President Joe Biden issued an executive order aimed at improving US cybersecurity defenses in the wake of the crippling ransomware attack that forced the shutdown of a major US petroleum pipeline, leading to concern of widespread gas shortages along the East Coast. The criminal enterprise, which has since said it disbanded, is thought to be based in Russia.

The news comes as Microsoft said earlier Monday that the same Russian agency believed to be responsible for last year's massive SolarWinds cyberattack has targeted the computer networks of hundreds more companies and organizations in recent months. A tainted software update, which US intelligence agencies say likely originated in Russia, was used to gain access to the systems of thousands of SolarWinds customers, including federal agencies, major tech companies and hospitals. Russia has denied involvement.

A Senate report issued in August criticized several federal agencies for weak cybersecurity practices. Seven of the eight federal agencies reviewed by the Homeland Security and Governmental Affairs Committee had failed to implement baseline cybersecurity practices to protect personally identifiable information, creating a significant privacy and security risk for Americans' data. 

The State Department didn't immediately respond to a request for comment.