Biden signs order to boost cyber security after pipeline hack

White House urges private sector companies to bolster their own cyber defences

    Published Thu, May 13, 2021 · 09:50 PM

    Washington

    US President Joe Biden on Wednesday signed an executive order intended to strengthen US cyber security by improving information sharing about attacks with the private sector and adopting better safety practices throughout the government. It also seeks to improve the government's response to major cyber attacks.

    The order has been in the works for months but was released less than a week after a ransomware attack on Colonial Pipeline forced the company to cut off the flow of fuel to much of the East Coast, leading to petrol shortages and filling stations running out. Colonial said on Wednesday evening that the pipeline was returning to service.

    In a statement outlining the order, the White House stated that much of the US' critical infrastructure is owned and operated by the private sector, and it urged those companies to bolster their own cyber defences.

    "The Colonial Pipeline incident is a reminder that federal action alone is not enough," said the White House statement. "We encourage private-sector companies to follow the federal government's lead and take ambitious measures to augment and align cyber security investments with the goal of minimising future incidents."

    The executive order was crafted amid heightened angst over the US' apparent inability to deter criminal and nation-state hackers, after a series of devastating breaches that have claimed federal agencies, technology companies, hospitals and even a major police department as victims.

    The order requires information technology (IT) service providers with government contracts to share information about cyber incidents with the US, an idea that has previously run aground because of a reluctance to disclose hacks and contractual barriers, which the White House vowed to remove.

    The service providers will be required to share the information within specific timelines, a sliding scale based on the severity of the incident, said a senior administration official, who was granted anonymity to discuss the order.

    It also seeks to move the federal government towards more modern and safer computer networks, embracing secure cloud services, encryption and multi-factor authentication within six months.

    The order pledges to improve the government's ability to detect hackers in its networks and to keep logs of computer activity to ward off hacks and speed up detection after a breach.

    The president's order calls for new standards for the security of the software supply chain, which was compromised as part of the so-called SolarWinds attack last year. In that instance, Russian hackers installed a backdoor in software from Texas-based SolarWinds, which some customers installed during updates. The hackers ultimately infiltrated nine federal agencies and about 100 companies using the SolarWinds backdoor, in addition to other methods.

    The senior administration official said the order only makes a down payment towards modernising cyber defences, and stressed that the White House wants to focus on building more secure software products for Americans.

    As such, software purchased by the federal government must meet the new standards within nine months, the official said. Other improvements in the federal government will be rolled out within six months.

    But officials, speaking on condition of anonymity, said that if all the provisions in the order had been in place, it might not have prevented the attack on SolarWinds or the Colonial Pipeline.

    "This executive order is a good first step, but executive orders can only go so far. Congress is going to have to step up and do more to address our cyber vulnerabilities," said Senator Mark Warner, a Virginia Democrat and chairman of the Senate Intelligence Committee. BLOOMBERG
