US President Joe Biden today issued a national security memorandum designed to help strengthen the security of critical infrastructure by setting baseline performance goals for critical infrastructure owners and operators.
The memorandum comes as a response to recent attacks worldwide, including ransomware attacks on Colonial Pipeline and JBS Foods in the United States that revealed significant vulnerabilities across US infrastructure, largely owned and operated by private sector orgs.
It directs the Department of Homeland Security’s CISA and the Department of Commerce’s NIST, in collaboration with other federal agencies, to develop cybersecurity performance goals and guidance for critical infrastructure orgs.
“We expect those standards will assist companies responsible for providing essential services like power, water, and transportation to strengthen their cybersecurity,” a White House statement said.
“Responsible critical infrastructure owners and operators should be following voluntary guidance as well as mandatory requirements in order to ensure that the critical services the American people rely on are protected from cyber threats,” a senior administration official added.
The memorandum directs @CISAgov and @NISTcyber to set clear goals & guidance for critical infrastructure orgs to develop strong cybersecurity practices. We can set the goals, but we need companies to do their part to meet them. The American people are counting on it.
— Jen Easterly (@CISAJen) July 28, 2021
Private sector urged to join federal government’s efforts
Today’s NSM also establishes the President’s Industrial Control System Cybersecurity (ICS) Initiative, a voluntary, collaborative effort between the critical infrastructure community and the federal government launched in mid-April to facilitate the deployment of technology providing threat visibility, indicators, detections, and warnings.
The ICS initiative has already led to over 150 electricity utilities representing roughly 90 million customers deploying or agreeing to deploy control system cybersecurity technologies in the future.
“These are the technologies that, had they been in place, would have blocked what occurred at Colonial Pipeline in that they connect the operational technology side of the network to the IT side of the network,” a senior administration official further explained. “The action plan for natural gas pipelines is underway, and additional initiatives for other sectors will follow later this year.”
The private sector (including all responsible critical infrastructure owners and operators) is urged to adopt the new goals and guidance CISA and NIST will outline as part of a shared effort to secure the USA’s critical infrastructure.
This National Security Memorandum, the ICS Cybersecurity Initiative, TSA’s Security Directives, and foundationally, the President’s Executive Order on Improving the Nation’s Cybersecurity that he signed back in May all are parts of our focused and aggressive continuing effort to address these significant threats to our nation within that first line of modernizing defense of our cybersecurity — of the administration’s cybersecurity strategy. — Senior Biden administration official
Severe security breaches could escalate to real war
Yesterday, President Joe Biden warned that cyberattacks leading to severe security breaches could escalate to a “real shooting war” with another major world power.
“You know, we’ve seen how cyber threats, including ransomware attacks, increasingly are able to cause damage and disruption to the real world,” Biden said during a speech at the National Counterterrorism Center of the Office of the Director of National Intelligence.
“I can’t guarantee this, and you’re as informed as I am, but I think it’s more likely we’re going to end up — well, if we end up in a war, a real shooting war with a major power, it’s going to be as a consequence of a cyber breach of great consequence.”
Biden’s remarks come after a NATO statement from mid-June that compared the impact of “significant” cyberattacks to “armed attacks.”
“We reaffirm that a decision as to when a cyber attack would lead to the invocation of Article 5 would be taken by the North Atlantic Council on a case-by-case basis,” the NATO communiqué said.
“Allies recognise that the impact of significant malicious cumulative cyber activities might, in certain circumstances, be considered as amounting to an armed attack.