Biden signs executive order to bolster US cyber security following pipeline attack

Order directs federal agencies to adopt data encryption and multi-factor authentication within six months

US President Joe Biden on Wednesday signed an executive order that aims to implement new policies to protect the country from future cyber attacks, following recent breaches targeting public and private firms.

The new policy aims to shift the federal government's approach from incidence response to prevention and advises the government to lead by example.

"Incremental improvements will not give us the security we need; instead, the federal government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life," the executive order states.

"The federal government must bring to bear the full scope of its authorities and resources to protect and secure its computer systems, whether they are cloud-based, on-premises, or hybrid."

The order directs federal agencies to adopt data encryption and multi-factor authentication within six months to make it difficult for threat actors to compromise their IT networks.

Agencies that fail to meet the deadline will be asked to provide written explanation for it.

The new policy also requires private firms providing IT service to the government departments and agencies to implement higher security standards and notify the law-enforcement agencies if their systems are breached by hackers.

There will be strict timelines for disclosure based on the severity of the incident.

The order also mandates establishing a Cybersecurity Safety Review Board that will include federal officials from the Department of Justice, the Department of Defense, NSA, FBI, and CISA, as well as representative from private sector. The members of the board will meet following a "significant" cyber incident to analyse security weaknesses before making further recommendations.

The Biden administration also announced on Thursday that it planned to create a new task force that will crack down on cyber groups that use ransomware.

"Our Justice Department has launched a new task force dedicated to prosecuting ransomware hackers to the full extent of the law," Biden said.

The new executive order has come in the wake of a number of devastating hacks, including the SolarWinds hack, Microsoft Exchange Server attacks, and the recent Colonial Pipeline attack.

Bloomberg reported on Thursday that Colonial Pipeline paid nearly $5 million (about £3.55 million) ransom to Eastern European hackers last Friday, after a devastating ransomware attack forced the shutdown of its major pipeline supplying fuel to the East Coast.

Earlier this week, the company said that it had no intention of paying ransom to cyber criminals to help restore its systems.

When asked by reporters if he had been briefed on Colonial's ransom payment, Biden told Bloomberg that he had "no comment on that."

However, the president promised action against hackers, saying he would discuss the issue with Russia. "We have been in direct communication with Moscow for the imperative for responsible countries to take decisive action against these ransomware networks," he said

In December, suspected Russian hackers breached the computer networks of the US Treasury Department and other federal agencies in a SolarWinds cyber-espionage campaign that also targeted dozens of private firms in the US.

The hackers also allegedly breached email accounts belonging to the former acting head of the Department of Homeland Security (DHS) and senior members of the DHS's cybersecurity division (CSD).

The attack led to the US Treasury Department sanctioning six Russian technology firms that it said were aiding government hackers engaged in "dangerous and disruptive cyber attacks."