On Wednesday, the White House released a statement announcing that President Biden signed an executive order aimed at strengthening the federal government’s cybersecurity defenses. The Biden administration is responding to a series of overlapping cyberattacks, including the ransomware attack on Colonial Pipeline that has caused gas shortages in at least seven states across the East Coast.

Image Source: Doug Mills/The New York Times

Today, President Biden signed an Executive Order to improve the nation’s cybersecurity and protect federal government networks. Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cybercriminals. These incidents share commonalities, including insufficient cybersecurity defenses that leave public and private sector entities more vulnerable to incidents.

Source: The White House

As a new road map for U.S. cyber defense, the executive order aims to:

  • Remove Barriers to Threat Information Sharing Between Government and the Private Sector
  • Modernize and Implement Stronger Cybersecurity Standards in the Federal Government
  • Improve Software Supply Chain Security
  • Establish a Cybersecurity Safety Review Board
  • Create a Standard Playbook for Responding to Cyber Incidents
  • Improve Detection of Cybersecurity Incidents on Federal Government Networks
  • Improve Investigative and Remediation Capabilities

The order directs the Commerce Department to author new standards for software vendors supplying the federal government. The cybersecurity rating system would mandate multi-factor user verification for new technology, along with added encryption.
In addition, the order would create digital safety standards for both federal agencies and contractors that develop software for the federal government.

It would also require federal agencies to adopt a “zero trust” approach to software vendors. As its name indicates, Zero Trust is a concept based on the notion that organizations should not trust anyone or any device by default, and must therefore verify every single connection before allowing access to their network. Accordingly, federal agencies will grant software vendors access to federal systems only when absolutely necessary. Additionally, they will make sure contractors comply with steps to ensure that the software they deliver has not been infected with malware and does not contain exploitable vulnerabilities. If any vulnerabilities are found in the software, they will be reported to the U.S. government.

Vendors that violate these rules would have their products banned from sale to the federal government, which would damage their viability in the market.

Recommendations in the report include using sanctions or travel visa restrictions to press ransomware safe havens, like Russia or China, into prosecuting threat actors. Another recommendation is that international law enforcement agencies team up to hold cryptocurrency exchanges liable under money-laundering laws.

According to The New York Times, Biden’s executive order also aims to “fill in blind spots in the nation’s cyber defenses that were exposed in the recent Russian and Chinese cyberattacks, which were staged from domestic servers inside the United States, where the National Security Agency is legally barred from operating.”
