Colonial hack: Biden orders tightening of cyber-defences

Read Time: 3 minutes

President Joe Biden has signed an executive order to improve US cyber-defences in light of recent attacks.

The detailed order issues strict deadlines for all government departments to tighten security.

It comes as the US deals with a hack on the country’s biggest pipeline that has seen fuel shortages and panic-buying across multiple states.

Colonial Pipeline says it has restarted its pumps but it will be “several days” until fuel supplies return to normal.

‘Plastic bags’

The company said: “Some markets served by Colonial Pipeline may experience, or continue to experience, intermittent service interruptions during the start-up period.

“Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal.”https://buy.tinypass.com/checkout/template/cacheableShow?aid=tYOkq7qlAI&templateId=OTBYI8Q89QWC&templateVariantId=OTV0YFYSXVQWV&offerId=fakeOfferId&experienceId=EXAWX60BX4NU&iframeId=offer_0e763acc7b457c03340a-0&displayMode=inline&widget=template

The company was attacked by ransomware group Darkside, on Friday, and forced to take operations offline.

The 5,000-mile (8,000km) pipeline supplies 45% of the petrol and jet-fuel needs of the east coast of the US.

The ensuing panic-buying led the US Consumer Product Safety Commission to tweet: “Do not fill plastic bags with gasoline.”

Cyber-espionage campaign

President Biden’s order was not written specifically in response to the latest attack but it is understood to have been delayed to take it into account.

It was initially prompted by the so-called SolarWinds cyber-espionage campaign discovered in December 2020.

That was one of the worst in history, with cyber-spies able to access emails and networks across multiple US government departments.

It has been blamed by the US and UK authorities on the Russian government.

‘Zero trust’

The wide-ranging order requires all government departments to:

• adopt multi-factor identification log-in systems within 180 days
• accelerate moves to “cloud” and “zero trust” frameworks
• designate which “unclassified data” is too sensitive to be kept in normal networks storage
• conduct more thorough reviews of critical-software suppliers

It also puts an emphasis on private cyber-security companies improving their own defences and being more transparent about when they themselves are attacked.

And it states cyber-security vendors must report intrusions within 72 hours of discovery.

Chris Krebs, former leader of the US Cybersecurity and Infrastructure Security Agency (CISA), tweeted the order “lays out an ambitious and achievable work plan to dramatically improve the security of US government networks by using the power of the purse”.

“Kudos to the team for pulling this together,” he added.

If cyber-security wasn’t a hot topic for President Biden before, then the past four months has been a baptism of fire(walls) for him.

Since December, the US has been on the receiving end of three of the worst cyber-attacks in history.

Each one has been entirely different too, testing the administration in different ways.

Solarwinds was a long-running and targeting espionage campaign aimed at the heart of government reportedly by a foreign state – Russia.

The Microsoft Exchange Server attack, in March, was a mass smash-and-grab against tens of thousands of private company’s email systems, thought to have been by state-affiliated criminal gangs based in China.

And right now a criminal gang, thought to be based in Russia, is holding the country’s largest pipeline to ransom, causing chaos at petrol pumps.

Mr Biden can’t solve all these potential attacks with the sweep of his pen – but this executive order is clearly aimed at creating a trickle-down effect.

If he can improve government defences, it will set a standard for cyber security across the entire country.