WGNO

Biden signs cybersecurity executive order after ransomware attack on fuel pipeline

WASHINGTON (NewsNation Now) — After a series of high-profile ransomware attacks, President Joe Biden signed an executive order Wednesday to strengthen the United States’ cyber defense practices.

The executive order creates an increased private-public partnership to ensure the U.S. is protected against future attacks, modernizes the cybersecurity practices of the federal government and implements an “energy star” style rating system for software companies.


“Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cybercriminals,” said a White House Official.

The Department of Homeland Security also issued a temporary waiver of a federal law overseeing maritime commerce to an individual company, not identified by the department, to allow the transport of additional gas and jet fuel between Gulf Coast and East Coast ports.

The pipeline was restarted late Wednesday, though Colonial warned it could take days before it’s operating normally.

“President Biden and the White House will monitor the situation closely in the coming days, and continue to urge Americans to just purchase what they need, and not hoard fuel, as supply is restored,” press secretary Jen Psaki said in a statement Thursday.

Cybersecurity experts have predicted federal officials would be forced to take an increasingly more active role in managing private companies’ cyber defense systems after high-profile breaches and ransomware incidents impacted increasingly significant numbers of people.

“I think we’re at the point where cybersecurity becomes a first-class citizen, for when we run our businesses and our governments,” said New Jersey Institute of Technology Distinguished Professor and Institute for Data Science director David Bader in a recent interview discussing the Exchange Hack.

Ransomware incidents have increasingly targeted higher profile targets and key infrastructure. The Colonial Pipeline incident impacted 45% of all the nation’s fuel, while another incident earlier this year could have poisoned an entire city in Florida.

“The cost of status quo is simply unacceptable. Today the cost of insecure technology is borne at the end. By the victims and incident response and incident response and cleanup, small businesses, schools, hospitals and local governments bear the brunt of these costs,” said a senior administration official.

The executive order requires IT providers to share information about breaches impacting the federal government and removing any barriers that would prevent someone from getting government assistance in the event of a hack.

“I think we have to make a greater investment in education as it relates to being able to train and graduate more people proficient in cybersecurity,” said Biden during remarks Wednesday.

A modernized labeling system for the software companies that rank security and require a baseline protection standard for all software sold to the government, the Biden administration hopes will strengthen the baseline national cybersecurity standards.

The Biden administration will also create a cybersecurity safety review board that will be government-led with private sector partners and a standard playbook and logging system for when private corporations or the national sector are hacked.