On Wednesday, US President Joe Biden signed an executive order advancing government cybersecurity capability and encouraging changes in information security practises across the business sector, which has been battered by a wave of cyber attacks.
The executive order establishes a number of programmes aimed at providing government agencies with improved cybersecurity resources.
It comes after a cyberattack on the Colonial Pipeline that crippled several internal computer systems with ransomware. As a result, Colonial shut down the pipeline, causing gasoline shortages and panic purchasing in the southeastern United States.
On Wednesday, Atlanta-based Colonial said it “initiated the restart of pipeline operations at 5pm ET.”
But it will take several days for deliveries to return to normal, the company said.
Biden’s order also requires that software companies selling to the government maintain certain cybersecurity standards in their products and report whether they themselves have been compromised by hackers. The requirement was first reported by Reuters in March.
A senior administration official described the executive order as having a “very significant” impact on the government’s ability to detect and respond to hacking incidents.
“It reflects a fundamental shift in our mindset from incident response to prevention, from talking about security to doing security, setting aggressive but achievable goals …” the official said.
The pipeline cyberattack is the latest in a string of cyber incidents against US companies and government agencies over the last six months.
In December, a Russian supply-chain hacking operation became public which burrowed into nine federal agencies. More recently, the government has been investigating a different hacking campaign with ties to China that affected five civilian agencies.
“It’s hard to learn from each incident and ensure that broadly government and companies have information to protect themselves,” said the official.
“So, we have pushed the authority as far as we could and said anybody doing business with the US government will have to share incidents, so that we can use that information to protect Americans.”
Senator Mark Warner, a Democrat, who chairs the Senate Intelligence Committee, said the executive order is a good first step but the United States “is simply not prepared to fend off state-sponsored or criminal hackers intent on compromising our systems for profit or espionage”.
“Congress is going to have to step up and do more to address our cyber vulnerabilities,” he said.
with REUTERS and AP