The strategy, which is intended to guide future policy, urges tighter regulation of existing cybersecurity practices across industries and improved collaboration between the government and private sector.
The strategy names China and Russia as the most prominent cybersecurity threats to the United States. On a call with reporters, a U.S. official who declined to be named, said part of the new strategy was aimed at reining in Russian hackers.
"Russia is serving as a de facto safe haven for cybercrime, and ransomware is a predominant issue that we're dealing with today," the official said.
Ransomware attacks, in which cyber criminal gangs seize control of a target's systems and demand ransom payments, are among the most common type of cyber attacks and have impacted a wide range of industries in recent years.
"The criminal justice system isn't going to be able to on its own address this problem – we do need to look at other elements of national power," the official added. "So we're hopeful that Russia understands the consequences of malicious activity in cyberspace, and will continue to be restrained."
The new action plan comes after a series of high-profile hacking incidents by domestic and foreign actors against the United States and amid the military conflict between Russia and Ukraine, in which cyber warfare has featured prominently.