Cybersecurity

White House is prioritizing secure internet routing, using memory safe languages

National Cyber Director Harry Coker says the Biden administration is focusing on securing foundational technologies.

October 9, 2024

National Cyber Director Harry Coker speaks at Recorded Future's Predict 2024 conference. (Photo Courtesy of Recorded Future)

National Cyber Directory Harry Coker said that the White House is focused on securing two foundational aspects of the tech landscape: how information packets are routed across the internet and computer programming languages that can be susceptible to memory-related errors.

Speaking at a Recorded Future event Wednesday in Washington, D.C., Coker said the White House is looking at next steps to secure Border Gateway Protocol, or BGP, which directs data through the most efficient internet route via thousands of public and private networks.

The White House wants to advance BGP security through the adoption of security mechanisms known as Resource Public Key Infrastructure (RPKI).The White House last month announced its plans to have RPKI in place in more than 60% of the federal government’s advertised IP space by the end of the year.

“We’ve known for decades that the foundation of today’s internet is not secure,” Coker said. “We have seen instances where internet traffic was to be sent from a location in the domestic U.S. for another location in the domestic U.S. and it made a detour across the Pacific.”

Coker added the White House is setting up a working group to look at next steps after broader adoption of RPKI.

In the meantime, the country appears to be lagging some of its counterparts: Coker said Europe has already moved with around 70% of its IP space, while the U.S. is only at around 40%.

“This is an area where the federal government needs to pick up the pace,” Coker said.

Another White House priority has centered on moving toward memory safe programming languages, which can help deter common vulnerabilities that constantly arise in software.

Shifting from languages, like C or C++, to memory-safe ones like Go or Rust, has been a key priority of the Biden administration as a way to avoid known bugs. A Microsoft report found that more than 70% of the vulnerabilities they assign a CVE to in a given year is related to memory safety.

“The quality of life, again, how we live, work and play, is on this digital foundation that we need to make as secure as possible,” Coker said. “We need to make as many folks understand that a digital foundation underpins virtually every aspect of our lives today.”