[ad_1]
Joe Biden (Joe Biden) signed an executive order on Wednesday to strengthen US cybersecurity defenses, after a series of devastating hacking incidents, including colonial pipeline attacks, exposed the vulnerabilities of businesses and governments.
“Recent cybersecurity incidents… shockingly remind us that American public and private sector entities are increasingly facing complex malicious cyber activities from nation-state actors and cybercriminals,” the White House said.
According to the order, federal agencies will be required to introduce multi-factor authentication into their systems and encrypt all data within six months to make it more difficult for hackers to penetrate their IT infrastructure.
The order also requires IT providers contracted with the government to meet higher security requirements and report to them when their systems are compromised. A senior administrative official said that depending on the seriousness of the incident, there will be a strict timetable for disclosure.
A pilot project of a new star rating system for software sold to the government will also be launched so that officials and the public can judge its safety.
These measures are in SolarWinds HackAmong them, Russian hackers hijacked software made in the United States to carry out espionage activities against dozens of companies and agencies including the US Department of Commerce and the Treasury.
Earlier this year, there were signs that hackers supported by the Chinese government were also get on By exploiting recently disclosed vulnerabilities in Microsoft software, implicit attacks are carried out on multiple targets.
The order was issued after a ransomware attack by a group of cybercriminals on May 7 disrupted an important East Coast oil pipeline operated by Colonial, causing a shortage of gasoline and fuel. 5,500 miles of pipeline system Resume operations on Wednesday.
The White House said: “These incidents have something in common, including inadequate cyber security defense measures, making public and private sector entities more susceptible to incidents.”
In order to simplify the government’s cyber defense, the order seeks to introduce “manuals” that explain how government agencies should respond to incidents, as well as improve logging and information sharing after violations.
It also established a private-public sector committee called the “Cyber Security Review Committee” to analyze the situation after a large-scale cyber incident and make recommendations to prevent it from happening again.
The senior administrative official said that the commission, modeled on the National Transportation Safety Commission investigating plane and train crashes, will first be responsible for reviewing SolarWinds’ hacking.
[ad_2]
Source link
