Biden signs executive order to strengthen U.S. cybersecurity defenses after Colonial Pipeline hack

President Joe Biden’s executive order comes as Colonial Pipeline continues to grapple with a crippling ransomware attack.

WASHINGTON —  President Joe Biden signed an executive order Wednesday aimed at strengthening U.S. cybersecurity defenses, a move that follows a series of sweeping cyberattacks on private companies and federal government networks over the past year.

The action comes as Colonial Pipeline continues to grapple with a crippling ransomware attack, which has led to widespread fuel shortages along the East Coast and prompted an all-of-government response.

The Colonial Pipeline hack is only the latest example of criminal groups or state actors exploiting U.S. cyber vulnerabilities. Last year, software from the IT company SolarWinds was breached, allowing hackers to gain access to communications and data in several government agencies.WATCH NOWVIDEO01:13Top U.S. and Russian diplomats speak following pipeline hack

The president’s executive order calls for the federal government and private sector to partner to confront “persistent and increasingly sophisticated malicious cyber campaigns” that threaten U.S. security.

Biden’s executive order takes a number of steps aimed at modernizing the nation’s cybersecurity:

• Requires IT service providers to tell the government about cybersecurity breaches that could impact U.S. networks, and removes certain contractual barriers that might stop providers from flagging breaches.
• Creates a standardized playbook and set of definitions for federal responses to cyber incidents.
• Pushes the federal government toward upgrading to secure cloud services and other cyber infrastructure, and mandates deployment of multifactor authentication and encryption with a specific time period.
• Improves security of software sold to the government, including by making developers share certain security data publicly.
• Establishes a “Cybersecurity Safety Review Board” comprising public- and private-sector officials, which can convene after cyber attacks to analyze the situation and make recommendations.
• Improves info-sharing within the federal government by enacting a government-wide endpoint detection and response system.

News of the president’s action came about an hour after Colonial announced it had restarted pipeline operations — though it will be days before fuel deliveries return to normal, the company said in a press release.

“Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal,” said the statement, which also thanked the Biden administration “for their leadership and collaboration.”

At the White House earlier Wednesday afternoon, President Joe Biden hinted his administration would soon have “good news” to share about its efforts to address the attack on Colonial.

The White House said Tuesday it was directing a “comprehensive federal response” aimed at restoring and securing U.S. energy supply chains in response to the incident.

On May 7, Colonial Pipeline paused its operations and notified federal agencies that it had fallen victim to a ransomware attack.

The assault, carried out by the criminal cyber group known as DarkSide, forced the company to shut down approximately 5,500 miles of pipeline, leading to a disruption of nearly half of the East Coast’s fuel supply.