For the Biden White House, the Colonial Pipeline has many elements of peril: Political peril as Americans along the East Coast line up to get gas; economic peril as the administration worries about the temporary effects on air travel and chemical production; and technological peril as experts try to figure out how a ransomware attack turned into a national security event.
President Biden will have to address all three issues when he speaks at the White House around noon. All week a parade of officials have been circulating to the podium in the press room to describe how they are seeking to get trucks, rail cars and cargo ships going until the pipeline is back to full operation. Mr. Biden was expected to welcome Wednesday afternoon’s restart of the Colonial Pipeline, but the pipeline has never before been entirely turned off in its nearly 60 year history — so no one knows what glitches may crop up as its service resumes.
The president may also touch on the long-brewing executive order on cybersecurity that was published on Wednesday night, which sets security standards for any company that is looking to sell software to the federal government.
The move is part of a broad effort to strengthen the United States’ defenses by encouraging private companies to practice better cybersecurity or risk being locked out of federal contracts. But the bigger effect may arise from its effects on the industry. Over time, the hope is that a federal rating on cybersecurity would become akin to the way automobiles get a safety rating or restaurants in New York get a health safety grade.
That is one element of how Mr. Biden plans to fortify American defenses, and the rise of ransomware has made it even more urgent. “Ransomware is an epidemic and companies still don’t do enough to protect themselves,” Sue Gordon, the former deputy director of national intelligence and a longtime C.I.A. analyst, said on Thursday at a conference held by The Cipher Brief. “They aren’t prepared and they haven’t thought through what they do if it happens. I think there’ll be a really interesting after-action report on Colonial Pipeline.”
But Mr. Biden also has a big decision to make, one that he is unlikely to discuss: The United States has the ability to turn its offensive cyberweapons against ransomware operators. Cyber Command, the military’s still-new force of cyberwarriors, went after TrickBot last fall, another ransomware group, to keep it from selling its services to groups seeking to disrupt the 2020 presidential election. Mr. Biden could order a similar strike on DarkSide, the group behind the Colonial hack, if it can find its infrastructure.
Author: David E. Sanger
This post originally appeared on NYT > U.S. News