Joe Biden signed an executive order Wednesday in an effort to bolster U.S. cybersecurity defenses after a series of devastating hacks, including the Cy colonial pipeline attack, exposed vulnerabilities across businesses and governments.
“Recent cyber security incidents. . . The White House says U.S. public and private sector entities are increasingly exposed to the subtle malicious cyber activities of both state actors and cybercriminals, ”the White House said.
Under the order, federal agencies are required to introduce multi-factor authentication into their systems and encrypt all information within six months to make it more difficult for hackers to access their IT infrastructure.
The order also requires IT providers to meet higher security requirements and contract with the government to report to them if their systems have been violated. A senior administration official said there should be a strict deadline for publication on the sliding scale, depending on the severity of the incident.
A pilot of a new star rating system will also be launched for the software sold to the government, so that officials and the public can judge how secure it is.
Comes after taking action Solarwinds hack, In which Russian hackers hijacked American-made software to run espionage campaigns that targeted several companies, including the U.S. Department of Commerce and the Treasury, and agencies.
Earlier this year, it was raised that there were also Chinese state-backed hackers Management Phishing attacks on multiple targets using the recently revealed vulnerabilities in Microsoft software.
The order came after a group of cybercriminals launched a ransom attack in May after the Colon colonized East Coast pipeline was crippled and continued to run out of petrol and fuel. 5,500 mile pipeline system Activities have resumed On wednesday
The White House said in a statement that “these incidents share a common ground with inadequate cyber security protection, which puts the public and private sectors at risk.”
In an effort to streamline the flow of public cyber defense, the order seeks to introduce a “playbook” on how government agencies should respond to incidents and improve the following violations in logging and data-sharing.
It also sets up a private-public sector board to name the Cyber Security Safety Review Board, analyzing them after major cyber incidents have occurred and recommending that they not happen again.
The board, modeled on the National Transportation Safety Board, which investigates aircraft, aircraft and train accidents, will first be tasked with reviewing SolarWinds hacks, a senior administrative official said.