[ad_1]
Joe Biden signed an executive order Wednesday in an attempt to bolster U.S. cybersecurity defenses after several devastating attacks, including the attack on colonial pipelines, revealed vulnerabilities between businesses and governments.
“Recent cyber security incidents. . . they recall that public and private sector entities in the United States are increasingly facing sophisticated cyber activity malicious by both nation-state actors and cybercriminals, ”the White House said.
Under the order, federal agencies will need to introduce multifactor authentication into their systems and encrypt all data within six months in order to make it difficult for hackers to penetrate their IT infrastructure.
The order also requires IT providers who contract with the government to meet higher security requirements and inform them if their systems have been breached. There would be strict deadlines for full-scale disclosure depending on the severity of the incident, a senior administration official said.
A pilot program of a new star rating system for software sold to the government will also be launched so that officials and the public can judge its security.
The measurements occur as a result of the Hack SolarWinds, in which Russian hackers hijacked American manufacturing programs to conduct espionage campaigns targeting dozens of companies, as well as agencies such as the U.S. Department of Commerce and Treasury.
Earlier this year, it appeared that there had also been hackers backed by the Chinese state direction stealth attacks on multiple targets by exploiting vulnerabilities recently revealed in Microsoft software.
The order also comes after a ransomware attack by a group of cybercriminals that paralyzed a key east coast pipeline run by Colonial on May 7, causing a shortage of gasoline and fuel. The 5,500-mile pipeline system resumed operations Wednesday.
“These incidents share commonalities, including insufficient cyber security defenses that make public and private sector entities more vulnerable to incidents,” the White House said.
In an effort to streamline government cyber defense, the order seeks to introduce a “game book” on how government agencies should respond to incidents and improvements in registration and information exchange after breaches.
It also creates a public-private sector board, which will be called the Cybersecurity Security Review Board, which will be tasked with analyzing major cyber incidents after they have occurred and making recommendations to prevent them from recurring.
The board, which is based on the National Transportation Safety Board investigating plane and train crashes, should be the first task to review the SolarWinds cut, the senior administrative official said.
[ad_2]
Source link
