Security News

President Joe Biden signed an Executive Order Wednesday designed to better protect the federal government's networks from cyberattacks, following the attack this week on the Colonial Pipeline. The goal of the EO is to modernize cybersecurity defenses by protecting federal networks and improving information-sharing between the government and private entities on cyber matters.

President Biden signed an executive order to improve government cybersecurity, setting new security standards for software sold to the federal government. For the first time, the United States will require all software purchased by the federal government to meet, within six months, a series of new cybersecurity standards.

In the wake of the DarkSide cyberattack, President Biden signed an executive order Wednesday aimed at bolstering the federal government's cyber defenses as the administration juggles a number of digital attacks including SolarWinds and last week's ransomware incident against a major fuel pipeline causing lasting gas shortages. As of 5 p.m. on Wednesday evening, Colonial was sputtering back to life after closing the fuel faucet to the eastern and southern U.S.; the FBI and the Cybersecurity and Infrastructure Security Agency had issued a joint advisory about the threat actor - DarkSide - that mugged the company; and five affiliated crooks that rent DarkSide ransomware had been fingered by Mandiant FireEye.

President Biden signed an executive order Wednesday to modernize the country's defenses against cyberattacks and give more timely access to information necessary for law enforcement to conduct investigations. This executive order follows the numerous cyberattacks targeting US interests this year, including the SolarWinds supply chain attacks in December and the more recent DarkSide ransomware attack against the largest US fuel pipeline, Colonial Pipeline.

President Joe Biden on Monday sent a letter to the House of Representatives and the Senate to extend an executive order regarding sanctions issued in response to cyberattacks. Executive Order 13694, issued in 2015 by president Barack Obama, enables authorities to block the property of entities engaging in "Significant malicious cyber-enabled activities."

The U.S. federal government is mulling changes to up its cybersecurity software game in the wake of the sprawling SolarWinds cyberattacks that came to light in December, including requiring data-breach notifications. In a draft executive order from President Joe Biden, software companies would be required to disclose any security issues to government users, according to a report from Reuters.

A proposed executive order would set new rules on the disclosure of data breaches that also affect United States government agencies, according to a Reuters news report. The report said the executive order, which could be released as soon as the next week, would require software vendors to notify U.S. government customers of cyber-security breaches that also affect them.

In one of former President Donald Trump's last acts in office, he signed an executive order that forces US cloud companies to keep track of any foreign customers. The executive order also allows the Department of Commerce to block certain IaaS companies from providing services to known hackers, people known to have sold accounts to hackers, or people from countries that have been the source of many cloud-enabled cyberattacks.

Abstract: Executive Order 12,333 is a 1980s Executive Order signed by President Ronald Reagan that, among other things, establishes an overarching policy framework for the Executive Branch's spying powers. Although electronic surveillance programs authorized by EO 12333 generally target foreign intelligence from foreign targets, its permissive targeting standards allow for the substantial collection of Americans' communications containing little to no foreign intelligence value.

A new executive order signed on Friday by U.S. President Donald Trump prohibits the acquisition of bulk-power system equipment that could contain intentional backdoors planted by foreign adversaries. Incidents where threat actors targeted a country's power grid and even caused disruptions are not unheard of, and even the United States reportedly targeted Russia's grid in such attacks.