In Wake Of Pipeline Hack, Biden Signs Executive Order On Cybersecurity
Updated May 12, 2021 at 7:22 PM ET
President Biden signed an executive order Wednesday boosting America's cyber defenses following a ransomware attack on a company that operates a pipeline that provides nearly half of the gasoline and jet fuel for the country's East Coast.
The broad order, which the administration had been working on for months, aims to strengthen cybersecurity for federal networks and outline new security standards for commercial software used by both business and the public.
"Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals," the White House fact sheet says.
In a briefing with reporters Wednesday, a senior Biden administration official said that the order "reflects a fundamental shift in our mindset from incident response to prevention, from talking about security to doing security."
As NPR first reported last month, the order lays out a series of new requirements for companies that do business with the government.
Anne Neuberger, the deputy national security adviser for cyber and emerging technology at the White House, had told NPR in an interview that the idea is to use the federal contracting process to force changes in the private sector.
Biden's order requires companies to report certain information about cyber breaches. It updates security standards on government networks, including mandating multifactor authentication and encryption. And it creates a playbook for cyber incident response by federal agencies.
It also establishes a Cybersecurity Safety Review Board to analyze incidents. It's modeled on the National Transportation Safety Board, which reviews airplane crashes and incidents with other modes of transportation.
The order comes in the wake of the Colonial Pipeline hack, and after other recent cyber attacks. (Colonial had just restarted its pipeline earlier Wednesday.)
Much of the recent focus has been on Russian activities or operations with ties to Russia.
Biden said this week there was no evidence that the Russian government was behind the pipeline attack, but that he planned to meet with President Vladimir Putin; Biden suggested that Russia bears some responsibility for the attack because he said it was linked to cybercriminals with ties to Russia.
But the administration has made clear that the threat goes well beyond Russia.
"It's not specifically a bilateral problem; it's also a China problem," said Ari Schwartz, who served as cybersecurity director in the Obama White House. "It's a problem with Iran and North Korea and it's also a problem with a criminal issue. It's all of those things, and the Biden administration said that very directly on several occasions."
The Biden administration says for too long the government and the country have failed to take the necessary step to boost defenses.
"These are systems that we use to run government and conduct commerce --systems that are used to deliver our power and our water, to help manage traffic on our roads," the Biden official told reporters. "The cost of the continuing status quo is simply unacceptable." [Copyright 2021 NPR]