President Joe Biden signs executive order to strengthen U.S. cybersecurity defenses

Following the crippling ransomware attacks on Georgia-based Colonial Pipeline, United States President Joe Biden has signed an executive order aimed at strengthening U.S. cybersecurity defenses. The company operates 5,500 miles-long pipelines that can carry 3 million barrels of fuel per day between Texas and New York. The attack has led to widespread fuel shortages along the East Coast and panic buying in the southeastern United States.

colonial pipeline

Ransomware attacks are usually carried out using a trojan, which then spreads malware that blocks and encrypts files on a device or network that results in the system becoming inaccessible in most cases. The attackers then threaten to publish the victim's data or perpetually block access to it unless a ransom is paid.

The FBI confirmed that it believes the DarkSide ransomware is responsible for the attack on Colonial Pipeline. DarkSide is a criminal group with origins in Russia.

The White House said it was directing a “comprehensive federal response” in light of the recent attack. President Joe Biden’s executive order takes a number of steps for modernizing the nation’s cybersecurity defenses which include upgrading to secure cloud services and other cyberinfrastructure. It also mandates the deployment of multifactor authentication mechanisms and encryption with a specific time period in place. Software developers are even required to share certain security data publicly.

Colonial announced in a press release that although it has started pipeline operations, it will take several days for fuel deliveries to return to normal levels. President Biden's Energy Secretary Jennifer Granholm also tweeted the update after a phone call with Colonial CEO Tim Felt.

Colonial Pipeline's use of outdated on-premises Exchange Servers seem to be a potential attack vector, but it has not yet been confirmed that this was indeed the security vulnerability that led to the latest attack. Microsoft’s systems were also involved in the SolarWinds attack last year. Microsoft's President Brad Smith had described the cyberattack as “the largest and most sophisticated attack the world has ever seen.”

Even though Microsoft has published many advisories about the importance of keeping on-premises Exchange Servers up to date due to several vulnerabilities being exploited in the wild, many organizations have failed to do so leading to devastating cyberattacks.

Source: CNBC | Image: ANI News

Report a problem with article
Office logo on an orange and light grey background
Next Article

Office app on Android now supports voice recordings with transcription

MSI logo laid on top of solidifying lava
Previous Article

A fake MSI Afterburner download page is spreading malware

41 Comments - Add comment

Advertisement