U.S. hit hard by successive cyber intrusions, Biden issues executive order on cybersecurity

President Joe Biden issued an executive order Wednesday (May 12, 2021) to develop a response to the spate of cyber attacks on the United States. Observers say the executive order is the most specific guide to action taken by any U.S. administration to strengthen cybersecurity, but is only the first step in a comprehensive and effective effort to defend against cyberattacks.

The executive order requires the software industry to establish basic cybersecurity standards, including industry standards for multiple authentication methods, encryption, logging into computer systems and operating in a zero-trust environment, and mandates that computer software sold to the federal government meet this standard.

The Executive Order also requires companies that sell information technology products to the federal government to promptly report hacking incidents and share information about threats with the government so that the federal government can quickly share relevant information with users of the nation’s networks.

In addition, the executive order requires federal agencies and the private cyber industry to jointly establish a cyber incident investigation board to analyze major cyber attacks and provide specific recommendations for strengthening cyber security.

In introducing the latest cybersecurity executive order Wednesday, a senior Biden administration official said the executive order was issued first to prevent cyber intrusions from occurring and second to prepare the United States to respond quickly to cyber intrusions that do occur.

President Biden meets with reporters after a cyber attack on U.S. fuel pipeline transportation company Colonial Pipeline (Reuters, May 10, 2021)

Over the past several months, the U.S. has been hit by a number of large-scale, far-reaching cyber attacks, including the hacking of Solarwinds software, widely used by the federal government and private businesses, and Microsoft’s email communications platform. The latest cyberattack involved Colonial Pipeline, a major fuel pipeline transportation company, causing disruptions to fuel pipeline supplies to several states in the southeastern United States.

People wait in long lines for gas in North Carolina after a cyberattack on a U.S. pipeline transmission company (Reuters May 12, 2021)

Senate Intelligence Committee Chairman Mark Warner (D-Va.) said the White House is taking the right first step by issuing the executive order, but Congress must also act to make a greater effort to address U.S. cybersecurity weaknesses.