Biden moves to boost critical infrastructure cybersecurity

President Biden on Wednesday will sign a national security memorandum aimed at increasing cybersecurity for critical systems in the wake of major cyberattacks on companies such as Colonial Pipeline.

A senior administration official told reporters Tuesday night that the memorandum will require the Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology to work with other agencies in developing cybersecurity performance goals for critical infrastructure sectors.

Additionally, the memorandum will formally establish Biden’s industrial control systems (ICS) cybersecurity initiative, which is a voluntary collaboration between the government and the private sector to boost the use of technologies to protect against cyber threats and provide warnings and indicators of attack.

The ICS program was first launched in April as part of the Department of Energy kicking off a 100-day plan to protect the electric sector from cyberattacks.

The senior administration official told reporters that since then, more than 150 electricity utilities have either deployed or agreed to deploy new technologies aimed at preventing cyberattacks, with the utilities involved representing nearly 90 million U.S. residential customers. They noted that additional programs for specific sectors are planned for “later this year.”

“This is a public-private initiative effort with a focus to roll out these very specific technologies voluntarily by the private sector, close cooperation to really ensure we get these protections in place within the voluntary model that is in place for our cybersecurity for critical infrastructure today,” the official said.

The new memorandum comes as part of the Biden administration’s efforts to confront escalating cyberattacks in recent months that have at times endangered national security.

These attacks have included the ransomware attacks by Russian-linked cybercriminal groups on Colonial Pipeline and JBS USA, along with the more recent ransomware attack on software firm Kaseya that impacted up to 1,500 companies.

The attack on Colonial, which provides 45 percent of the East Coast’s gas, led to fuel shortages in multiple states and shone a light on the potential for hackers to cause major disruptions.

The senior administration official stressed that if the technologies encouraged by the ICS program had been in place at Colonial prior to the attack, the hackers would not have been successful.

“Federal cybersecurity regulation in the U.S. is sectoral, we have a patchwork of sector-specific statutes that have been adopted piecemeal,” the official told reporters. “Our current posture is woefully insufficient given the evolving threat we face today. We really kicked the can down the road for a long time.”

The memorandum is not the first step the Biden administration has taken to combat cyber threats.

Following the attack on Colonial, the Transportation Security Administration issued two security directives aimed at increasing pipeline cybersecurity, including requiring critical pipeline companies to disclose major cybersecurity incidents within 12 hours.

The administration also established an interagency task force earlier in the year to address the increase in ransomware attacks, and Biden signed an executive order in May aimed at strengthening the federal government against cyberattacks.

While the memorandum on Tuesday is voluntary, the official stressed that the administration expected critical owners and operators to ensure their systems are up to critical security standards.

“The point we want to make is the federal government cannot do this alone, securing our critical infrastructure requires a whole-of-nation effort, and industry has to do their part,” the official said. “These may be voluntary, but we hope and expect that all responsible critical infrastructure owners and operators will apply them.”