The US Presidential Administration has published (https://krebsonsecurity.com/2023/03/highlights-from-the-new-u-s-cybersecurity-strategy/) the National Cybersecurity Strategy policy paper. One of the key points is the development of companies’ responsibility for the security of their software and services. Loopholes for avoiding responsibility will be covered, and bonuses are promised to “those who have made cybersecurity their main concern”. But details on these plans are still scarce.
China is predictably named as the main threat to cybersecurity. The most active and constant threat to both the public sector and private traders. And also «the only country willing and able to change the international order.» In general, it is clear which way the wind blows. Russian hackers are also mentioned in passing. On the ransomware front, closer cooperation with cloud and other services is announced in order to more effectively prevent the use of network infrastructure in the United States by intruders. An example is the shutdown of the Emotet botnet in 2021, through which the same Ryuk and Trickbot worked. For more information about the document, follow the link from Krebs.