U.S. President Joe Biden has signed a new cybersecurity executive order calling on cooperation between the private sector and federal agencies to minimise collateral damage stemming from cyber attacks launched against critical infrastructure providers.
The move for President Biden to sign the new cybersecurity executive order comes after a large scale ransomware attack was launched against a major infrastructure operator, Colonial Pipeline, who operates a 8,500km fuel pipeline on the East Coast of America.
In that attack, Colonial’s pipeline was shut down for more than a week, causing fuel shortages and havoc in markets as the operator struggled to reopen the pipeline after it was hacked.
Get ISO 27001 – Information Security – Certification With Best Practice
President Biden has said that the hack of Colonial Pipeline was so severe that it deserved an “all-of-government response” to ensure that operators of critical infrastructure like energy companies remain protected from cyber attacks.
Biden said that if the private sector and federal government cooperate, they can take on the “persistent and increasingly sophisticated malicious cyber campaigns” that are being launched against infrastructure operators around the globe.
These attacks, however, are extremely targeted at American institutions, organisations and operators of infrastructure, which is likely the result of geo-political tensions between the US and countries like China, Russia, Iran and North Korea.
Highlights of the most significant aspects of the cybersecurity executive order include:
- Requiring IT service providers to tell the government about cybersecurity breaches that could impact U.S. networks, and removes certain contractual barriers that might stop providers from flagging breaches.
- Creation of a standardized playbook and set of definitions for federal responses to cyber incidents.
- Pushing the federal government toward upgrading to secure cloud services and other cyber infrastructure, and mandates deployment of multifactor authentication and encryption with a specific time period.
- Improving security of software sold to the government, including by making developers share certain security data publicly.
- Establishing a “Cybersecurity Safety Review Board” comprising public- and private-sector officials, which can convene after cyber attacks to analyze the situation and make recommendations.
- Improving information-sharing within the federal government by enacting a government-wide endpoint detection and response system.
President Biden Signs New Cybersecurity Executive Order After Pipeline Hack
The White House has issued a statement saying that “the Colonial Pipeline incident is a reminder that federal action alone is not enough.”
“We simply cannot let waiting for the next incident to happen to be the status quo under which we operate,” they said.
A report from the Washington Post quotes Ari Schwartz, former cybersecurity official under the Obama administration, who said that the executive order represents “the most ambitious cybersecurity effort from an administration in decades.”
“In so many areas of computer security, what the federal government does first, the private sector follows. What the federal government is requiring here likely will become the standard for all software moving forward – not just in the United States, but internationally,” he said.
According to Reuters, the sweeping changes also “requires that software companies selling to the government maintain certain cybersecurity standards in their products and report whether they themselves have been compromised by hackers.”
That report quotes an official of the Biden administration who said that the executive order will have a “very significant” impact over the government’s ability to anticipate, prepare for, and respond to several cybersecurity threats launched against the United States.
“It’s hard to learn from each incident and ensure that broadly government and companies have information to protect themselves,” they said. “So, we have pushed the authority as far as we could and said anybody doing business with the US government will have to share incidents, so that we can use that information to protect Americans.”
