
Biden order to beef up US cyber defences

Christopher Bing and Nandita Bose, AAP
A digital extortion attempt against Colonial Pipeline triggered panic buying and fuel shortages. Credit: EPA

President Joe Biden has ordered the creation of an air accident-style cyber review board and the imposition of new software standards for government agencies following a spate of digital intrusions that have rattled the United States.

The executive order's initiatives include the creation of an organisation that would investigate major hacks along the lines of National Transportation Safety Board inquiries that are launched after plane crashes.

They also include the imposition of new security standards for software bought by government agencies - a requirement first reported by Reuters in March.

The order follows a digital extortion attempt against major fuel transport company Colonial Pipeline that triggered panic buying and fuel shortages in the southeastern United States.


Some recommendations were clearly aimed at avoiding a repeat of the hack of Texas software company SolarWinds, whose software was hijacked to break into government agencies and steal thousands of officials' emails.

The software rules - which are due to be drawn up by the US National Institute of Standards and Technology - were among the most important parts of the order, said Kiersten Todt, the managing director of the Cyber Readiness Institute.

"It's using the government's buying power to improve the security of software," Todt said, saying that if drafted correctly, the rules "will be a game changer in security".

Other rules imposed by the order mandate the use of multi-factor authentication - effectively a second failsafe password - and the use of encryption both for stored data and communications.

The order follows a series of dramatic or damaging hacks against American interests. Beyond the digital ransom demand imposed on Colonial and the SolarWinds-linked compromises, foreign hackers have also used vulnerabilities in software made by Microsoft and Ivanti to extract data from US government targets.
