US President Joe Biden on Wednesday signed an executive order on cybersecurity and protecting federal government networks from cyberattacks, according to a statement from press service of the National Security Council at the White House.
“Today, President Biden signed an Executive Order to improve the nation’s cybersecurity and protect federal government networks. Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals. These incidents share commonalities, including insufficient cybersecurity defenses that leave public and private sector entities more vulnerable to incidents,” the statement said.
The Executive Order “makes a significant contribution toward modernizing cybersecurity defenses by protecting federal networks, improving information-sharing between the U.S. government and the private sector on cyber issues, and strengthening the United States’ ability to respond to incidents when they occur”.
According to the report, Biden’s decree removes “barriers to threat information sharing between government and the private sector”, modernizes and implements stronger cybersecurity standards in the federal government, improves software supply chain security. Notably, “The Executive Order will improve the security of software by establishing baseline security standards for development of software sold to the government, … Too much of our software, including critical software, is shipped with significant vulnerabilities that our adversaries exploit.”
At the same time, the order was designed to establish a cybersecurity safety review board. “This board is modeled after the National Transportation Safety Board, which is used after airplane crashes and other incidents,” the statement said. A standard playbook for responding to cyber incidents will also be created with “a set of definitions for cyber incident response by federal departments and agencies”.
Recently, the United States has faced a number of cybersecurity incidents. At the end of 2020, SolarWinds software was hacked. According to Politico, this cyberattack exposed serious vulnerability of computer government networks. An attack in March this year exploiting a vulnerability in Microsoft’s Exchange Server software allowed hackers to gain access to email accounts of many companies. In addition, Colonial Pipeline, the largest pipeline company in the United States, was attacked by cybercriminals last week, causing disruptions in the supply of fuel throughout the country.