Biden has signed an executive order to strengthen U.S. cyber security
Joe Biden signed an executive order on Wednesday in an attempt to strengthen U.S. cyber security defenses, highlighting vulnerabilities in colonial pipelines, including destructive hacking, in all businesses and governments.
“Recent cybersecurity incidents. . . they remind us that public and private sector entities in the U.S. are increasingly subjected to more sophisticated malicious cyber activities by national agents and cybercriminals, ”the White House said.
Under the order, federal agencies will need to include multi-factor authentication in their systems and encrypt all data within six months to make it more difficult for hackers to access their IT infrastructure.
The order also requires IT providers who contract with the government to meet higher security requirements and be notified if their systems are breached. Depending on the severity of the incident, there would be strict deadlines for deployment on a sliding scale, a senior administration official said.
The pilot of a new star rating system for software sold to the government will also be launched to assess the safety of officials and citizens.
Measures SolarWinds hackin which Russian hackers targeted dozens of businesses for Spanish campaigns that hijacked American-made software, as well as the U.S. Department of Commerce and Finance.
Earlier this year, it appeared that there were also hackers backed by Chinese states management covert attacks on multiple targets, taking advantage of recently identified vulnerabilities in Microsoft software.
The order came after a group of cyber criminals carried out a ransomware attack on the East Coast’s main pipeline led by Colonial on May 7, causing a shortage of gasoline and fuel. 5,500 mile piping system operations resumed on Wednesday.
“These incidents have common features, including poor cybersecurity defenses, making public and private sector entities more vulnerable to riots,” the White House said.
In an effort to alleviate the government’s cyber defenses, the order seeks to introduce a “game book” on how government agencies should respond to incidents and improvements in records and information sharing after violations.
It also forms a private and public sector committee, which will appoint a cybersecurity security review committee to review major cyber incidents that have occurred and make recommendations to prevent them from happening again.
A committee modeled on the National Transportation Safety Board that investigates plane and train accidents would be responsible for reviewing the SolarWinds hack first, a senior administration official said.