The Biden administration is issuing new security guidance to critical infrastructure firms in an attempt to blunt the impact of ransomware and other hacks, following a series of attacks on US companies.
The recommendations, which are expected to be be released by the departments of Commerce and Homeland Security on Wednesday, are aimed at protecting the computer systems that end up in sensitive US facilities from hacking.
The baseline security measures are needed to “protect national and economic security, as well as public health and safety,” the departments said in a statement. The recommendations include having protocols in place to identify cybersecurity risks and for companies to regularly drill for cyberattacks on their networks.
President Joe Biden ordered the agencies to develop the security goals and recommendations in a July national security memorandum.
White House officials have placed greater emphasis on industrial cybersecurity following a February incident at a water treatment plant in the Tampa Bay area. A still-unidentified hacker breached the plant’s computer system and tried to raise the water’s sodium hydroxide level to a potentially dangerous level. Officials at the facility caught the intrusion before any harm was done.
The target audience of the new recommendations are the operators of industrial control systems — the hardware and software that oil companies and other critical infrastructure firms use to move their product across the country. The measures are voluntary, as opposed to the mandatory cybersecurity regulations that the Biden administration imposed on pipeline operators in May following the ransomware attack on Colonial Pipeline.
Many big oil, gas and electricity firms have extensive cybersecurity programs. But US officials are also trying to reach the numerous firms with less resources that operate critical infrastructure.
Hackers have also shown that they don’t need to breach control systems to impact critical business operations. For example, alleged Russian criminals forced Colonial Pipeline, a major US fuel provider, to shut down for days in May by locking up the company’s IT systems.
The breach brought scrutiny of Colonial Pipeline’s cybersecurity practices after the company conceded that the hackers accessed its systems using a single stolen password. Colonial Pipeline has defended its cybersecurity work, saying it has invested in a robust defensive program.
The cybersecurity guidance from the Biden administration comes on the heels of the latest ransomware attack on a US food distributor. New Cooperative, a grain cooperative with 60 locations in Iowa, said Monday that it had taken its computers offline after Russian-speaking hackers encrypted them.
™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.