Pipeline Hack: Biden Issues An Executive Order

President Biden has signed a new US Executive Order following the ransomware attack closed down the main US oils and gas pipeline supplying the East Coast which will alter how companies manage and report cyber security incidents. “Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that US public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals,” the White House said in a statement.

Despite some reports that the operating company has paid an undisclosed ransom to regain control, the pipeline remains closed. 

This Order aims at strengthening US cyber security defenses, a move that follows a series of sweeping cyber attacks on private companies and federal government networks over the past year. “The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.  The Federal Government must improve its efforts to identify, deter, protect against, detect, and respond to these actions and actors”, says the Executive Order for Improving the US Cyber Security. “We routinely install software with significant vulnerabilities to some of our most critical systems and infrastructure,...systems that are used to deliver our power and our water to help manage traffic,” a senior Biden administration official told the press. 

This Executive Order will change the way businesses communicate with the US government and the public about their cybersecurity position and also compels IT providers share information about network breaches with the government, even when they usually would not do so. It adds new standards for government purchases of federal software and IT services. 

The Biden administration hopes that the new federal requirements, will influence how IT providers make products and services available to the public. If these changes had been implemented earlier it seems likely they would have helped to prevent the SolarWinds attack that has affected multiple US government agencies.   “We use federal buying power to jumpstart the market for secure software,” said the official. 

The order also establishes a new incident review board, modeled after the National Transportation Safety Board, that will have a private sector co-chair to quickly review major cyber incidents and make recommendations on what to do about them. And it puts in place a standard playbook for responding to major cyber incidents. 

 Perhaps its most important feature, it will establish a new rating system to allow the public to judge the security of products and services that they’re buying, similar to the Department of Energy’s Energy Star rating system. That could affect the way consumers buy internet-enabled products and services. For instance, a shopper arbitrating between two baby monitors would be able to immediately see which one had the higher rating. 

The Biden Administration acknowledged that actions of the federal government alone in responding to cyber incidents are not enough, and called on private sector companies “to follow the Federal government’s lead and take ambitious measures to augment and align cybersecurity investments with the goal of minimising future incidents.”

This attack did not appear to involve the kind of highly sophisticated steps that Russia and China's state sponsored hackers are best known for.  Rather than directly try to take over the pipelines, the attackers went after what officials say was poorly protected corporate data, stealing it on such a large scale that it forced the company to close  the pipeline rather than risk the attack spreading further across the USA.

The White House:      DefenseOne:      CNBC:     Spectrum News:     New York Times:    Image: The White House

You Might Also Read:

Running Out Of Cyber Gas:

 

« Careers In Cloud Security
The European Union's Digital Security Plan »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IP Performance

IP Performance

IP Performance Limited is a leading supplier of customised network infrastructure and security solutions.

Blue Lights Digital

Blue Lights Digital

Blue Lights Digital have developed a range of platforms to support digital investigations, as well as providing continued support and education for investigations professionals.

Somansa

Somansa

Somansa is a global leader in Data Security and Compliance solutions designed to protect valuable company information from leakage and help meet regulatory compliance requirements.

Network Box

Network Box

Network Box is one of the world's leading Managed Security Service Providers.

Metro Systems

Metro Systems

Metro Systems offer fully integrated IT solutions & services covering Digital Transformation, Digital Infrastructure, Cyber Security and Training.

Aspisec

Aspisec

Aspisec is a cybersecurity company specialized in Firmware Security and Critical Infrastructure Protection.

Fingent

Fingent

Fingent develops strategic software solutions for businesses across the globe in areas including Network Security, Infrastructure Security, Application Security, Risk and Compliance.

MyDocSafe

MyDocSafe

MyDocSafe is an all-in-one document security and e-sign software.

Blaick Technologies

Blaick Technologies

Blaick is an Israeli cyber-security company which deploys proprietary Artificial Intelligence threats detection technology for early prevention of online cyber crime.

Cyolo

Cyolo

Cyolo’s Secure Access Service Edge (SASE) platform securely connects onsite and remote users to authorized assets, in the organizational network, cloud or IoT environments and even offline networks.

Grip Security

Grip Security

Grip Security provides comprehensive visibility, governance and data security to help enterprises effortlessly secure a burgeoning and chaotic SaaS ecosystem.

Tozny

Tozny

Tozny offers products with security and privacy in mind that are built on the foundation of end-to-end encryption, and open-source verifiable software.

StarLink

StarLink

StarLink is an acclaimed Value-Added Distributor across the Middle East, Turkey and Africa regions with on-the-ground presence in 20 countries including UK and USA.

Port443

Port443

Port443 specialises in providing Security Orchestration, Automation and Remediation (SOAR) "as a service".

Framework Security

Framework Security

With Framework Security, you get more than a consultancy; you get a partner dedicated to simplifying cybersecurity and protecting your business in the most efficient way possible.

Tracebit

Tracebit

Tracebit uses decoys to detect and respond to cloud intrusions in minutes.