Alarmed at repeated cyber-attacks on the country, especially after one on a key fuel pipeline last week, US President Joe Biden has signed an executive order implementing new policies to improve national cybersecurity.
Admitting that the US is facing persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people's security and privacy, Biden said on Wednesday that the government must improve its efforts to identify, deter, protect against, detect, and respond to these actions and actors.
"Protecting our nation from malicious cyber actors requires the Federal Government to partner with the private sector. The private sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the Federal Government to foster a more secure cyberspace," he wrote in the executive order.
The executive order outlines several initiatives, including reducing barriers to information sharing between the government and the private sector, mandating the deployment of multi-factor authentication in the federal government, establishing a cybersecurity Safety Review Board and creating a standardised playbook for responding to "cyber incidents."
The executive order was signed after the Colonial Pipeline Company, which is the largest refined-products pipeline in the country, was forced to shut down due to a cybersecurity attack on May 7. The company temporarily halted all pipeline operations after the cybersecurity attack involving ransomware was detected. It has now partially restored the pipeline.
The Colonial Pipeline transports more than 100 million gallons of fuel daily on the East Coast. Biden said that incremental improvements will not give the country the security it needs.
"Instead, the Federal Government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life. The scope of protection and security must include systems that process data (information technology (IT)) and those that run the vital machinery that ensures our safety (operational technology (OT))," he emphasised.
The cyber-attack on the fuel pipeline was a major one, coming after the SolarWinds software attack. Since February, the Biden administration has been working to remediate the SolarWinds attack and change federal IT practices to protect against similar attacks in the future.
In another big cyber-attack after SolarWinds, at least 30,000 organisations across the US, including government and commercial firms, were hacked by China-based threat actors who used Microsoft's Exchange Server software to enter their networks.
The Federal Bureau of Investigation (FBI) then launched a mega operation to copy and remove malicious web shells from hundreds of vulnerable computers in the US that were running on-premises versions of Microsoft Exchange Server software used to provide enterprise-level email service.