US President Joe Biden has signed an executive order that advances federal cyber-security capabilities and encourages improvements in digital security standards across the private sector which has been hit by a spate of cyber-attacks.
The executive order establishes a series of initiatives designed to better equip federal agencies with cyber-security tools.
It follows a cyber-attack against the Colonial Pipeline that caused some internal computer systems to be disabled with ransomware.
This led Colonial to shut the pipeline, triggering fuel shortages and panic buying in various parts of southeastern United States.
On Wednesday, Atlanta-based Colonial said it “initiated the restart of pipeline operations at 5pm ET”.
The order also requires that software companies selling to the government maintain certain cyber-security standards in their products and report whether they themselves have been compromised by hackers.
The requirement was first reported by Reuters in March.
A senior administration official described the executive order as having a “very significant” impact on the government’s ability to detect and respond to hacking incidents.
“It reflects a fundamental shift in our mindset from incident response to prevention, from talking about security to doing security, setting aggressive but achievable goals,” the official said.
The pipeline cyber-attack is the latest in a string of cyber incidents against US companies and government agencies over the last six months.
In December, a Russian supply-chain hacking operation became public which burrowed into nine federal agencies.
More recently, the government has been investigating a different hacking campaign with ties to China that affected five civilian agencies.
“It’s hard to learn from each incident and ensure that broadly government and companies have information to protect themselves,” said the official. “So, we have pushed the authority as far as we could and said anybody doing business with the US government will have to share incidents, so that we can use that information to protect Americans.”
Senator Mark Warner, a Democrat, who chairs the Senate Intelligence Committee, said the executive order is a good first step but the United States “is simply not prepared to fend off state-sponsored or criminal hackers intent on compromising our systems for profit or espionage”.
“Congress is going to have to step up and do more to address our cyber vulnerabilities,” he said.


Colonial Pipeline paid hackers nearly $5mn in ransom: Bloomberg News

Colonial Pipeline paid nearly $5mn to Eastern European hackers last Friday after a crippling cyber-attack that shut the largest fuel pipeline network in the United States, Bloomberg News reported, citing two people familiar with the transaction.
The company paid the ransom in untraceable cryptocurrency within hours after the attack, according to the report.
Colonial Pipeline did not immediately respond to a Reuters request for comment.
The hackers provided the pipeline operator with a decrypting tool to restore its disabled computer network after they received the payment, but the company used its own back-ups to help restore the system since the tool was slow, Bloomberg News reported.
Critics contend that paying ransom encourages attacks. – Reuters