Biden signs cybersecurity order after largest U.S. fuel pipeline hacked

On Wednesday (May 13), U.S. President Joe Biden signed an executive order to strengthen federal cybersecurity capabilities and encourage the private sector to improve digital security standards. The U.S. private sector has been hit by a spate of cyber attacks recently.

Reuters reports that the executive order establishes a series of initiatives aimed at equipping federal agencies with better cybersecurity tools.

This follows a hack of Colonial Pipeline that disabled some internal computer systems with ransomware. That led to the shutdown of the largest U.S. fuel pipeline, triggering fuel shortages and panic refueling in the southeastern United States.

On Wednesday, Atlanta-based Colonial Pipeline announced that it had “begun restarting operations on the pipeline at 5 p.m. EDT.

The executive order also requires software companies that sell products to government departments to maintain certain cybersecurity standards in their products and to report whether they have been hacked. Reuters first reported the requirement in March of this year.

A senior government official said the executive order has a “very significant” impact on the government’s ability to detect and respond to hacking incidents.

The official said, “It reflects a fundamental shift in our mindset from responding to emergencies to prevention, from talking about security to implementing security measures and setting aggressive and achievable goals.”

The cyberattack on Colonial Pipeline’s systems is the latest in a series of cyberattacks against U.S. companies and government agencies in the past six months.

Last December, a Russian supply chain hacking operation that infiltrated nine federal agencies came to light. More recently, the U.S. government has also been investigating another hacking operation linked to the Chinese Communist Party that involved five civilian agencies.

“It’s really difficult to learn from each of these incidents and to ensure that the government and businesses have extensive information to protect themselves,” the official said.

“So we’ve pushed and required, as much as we can, that anyone doing business with the U.S. government must share information about incidents (of cyberattacks) so that we can use that information to protect Americans.”

Sen. Mark Warner (D-Va.), chairman of the Senate Intelligence Committee, said the executive order is a good first step, but that the United States “is simply not prepared to defend itself against state-sponsored hackers or hacking criminals who are intent on making a profit or spying by compromising our systems.”

He said, “Congress will have to take additional steps to address our cyber vulnerabilities.”