President Biden’s Executive order on U.S. cybersecurity.

The cyber-attack that happened on Colonial Pipeline impacted computerized equipment managing the pipeline network and stopped its operations to contain the attack. This shutdown in the pipeline of supplies rigidified the US with the rise in price and state emergencies. On the sixth day of the Colonial Pipeline shutdown, Biden signs an executive order for all software sold to the federal government should follow the baseline cybersecurity standards.

The FBI has blamed Russia’s [1] DarkSideattackers for the ransomware attack, claiming that hackers were inside Colonial’s IT network for weeks or even months before launching their ransomware attack. The attackers stole nearly 100 gigabytes of data and threatened to release it on the internet if the ransom was not paid.

Starting with last year’s hacking of SolarWinds, the US has seen several cyber warfares by Russia[2], Chinese[3] Microsoft Exchange email servers hack, and now Colonial Pipeline cyber attack. To take the strongest stance against these attacks, President Biden passed the effective Cybersecurity Executive Order to improve the nation’s cybersecurity and protect federal government networks.

What the new Executive Order on Cybersecurity Says…?

Biden’s new Executive Order[4] will guide in:

  • Removing barriers to threat information sharing between the government and the private sector.
  • Modernizing and implementing stronger cybersecurity standards in the federal government.
  • Improving software supply chain security.
  • Establishing a cybersecurity safety review board.
  • Creating a standard playbook for responding to cyber incidents.
  • Improving detection of cybersecurity incidents on federal government networks.
  • Improving investigative and remediation capabilities.

The federal government is trying to shape the entire software market with this Cybersecurity Executive Order. The order expands its responsibilities by planning security frameworks for cloud services and improved information-sharing. Any company that sells software to the federal government has to provide a software bill of materials (SBOM) that provides transparency of components and the application.

Back to Colonial Pipeline, the operations went back to normal by Saturday (15th May 2021). The Georgia-based firm declared a complete return to normalcy. “Delivering millions of gallons per hour to the markets we serve”, says the company on Twitter.

 

References:

  1. ABC News. (2021, May 16). Major US fuel pipeline resumes ‘normal operations’ following a cyber attack. ABC News. https://www.abc.net.au/news/2021-05-16/colonial-pipeline-normal-operations-ransomeware-attack/100142608.
  2. Craig Timberg, E. N. (2020, December 16). Russian hack was ‘classic espionage’ with stealthy, targeted tactics. The Washington Post. https://www.washingtonpost.com/technology/2020/12/14/russia-hack-us-government/.

  3. Ellen Nakashima, A. S. (2021, April 21). Chinese hackers compromise dozens of government agencies, defense contractors. The Washington Post. https://www.washingtonpost.com/national-security/chinese-hackers-compromise-defense-contractors-agencies/2021/04/20/10772f9e-a207-11eb-a7ee-949c574a09ac_story.html.

  4. Ellen Nakashima, A. S. (2021, April 21). Chinese hackers compromise dozens of government agencies, defense contractors. The Washington Post. https://www.washingtonpost.com/national-security/chinese-hackers-compromise-defense-contractors-agencies/2021/04/20/10772f9e-a207-11eb-a7ee-949c574a09ac_story.html.