(National Sentinel) Cyber Security: A day before a global ransomware attack crippled the National Health Service in Britain and struck Russian government offices as well as institutions in dozens of other countries, President Donald J. Trump signed an executive order instructing federal department heads to focus on strengthening cyber security.
The order, titled, “Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” instructs agencies to utilize “The Framework for Improving Critical Infrastructure Cybersecurity (the Framework) developed by the National Institute of Standards and Technology, or any successor document, to manage the agency’s cybersecurity risk.”
In particular, as reported by the Washington Free Beacon, the president is particularly concerned about potential vulnerabilities in the U.S. power grid:
President Trump ordered the federal government to prepare for a devastating cyber attack against America’s electric grid amid growing fears foreign states are set to carry out attacks aimed at plunging the nation into darkness.
[The order directs] key federal agencies to assess preparations for a prolonged power outage resulting from cyber attacks designed to disrupt the power grid.
Two days earlier, U.S Navy Adm. Mike Rogers, head of U.S. Cyber Command and the NSA, told a Senate committee that a number of nations, including Iran, were developing cyberwar capabilities to infiltrate critical U.S. infrastructure and that Iran and others have, in the past, carried out remote intrusions on isolated systems:
Rogers said destructive cyber attacks on critical infrastructure are one of his two worst case scenarios. The second involves the threat of cyber intrusions aimed at manipulating data within networks.
Iran tried to disrupt the function of a dam in upstate New York in 2013, and Russia has used industrial control malware called BlackEnergy to attack Ukraine’s electric grid, Rogers said.
“Infiltrations in U.S. critical infrastructure—when viewed in the light of incidents like these—can look like preparations for future attacks that could be intended to harm Americans, or at least to deter the United States and other countries from protecting and defending our vital interests,” Rogers said.
Trump’s order instructs federal agencies to report back by Aug. 9.
Homeland Security Adviser Tom Bossert told reporters at the White House in announcing the new order that the suspected China hack of the Office of Personnel Management in the fall of 2015 played a major role in triggering Trump’s order.
“We saw that with the OPM hack and other things,” he said. “We’ve got to move to the cloud and try to protect ourselves, instead of fracturing our security posture.”
Asked what would happen if critical U.S. systems were attacked, Bossert demurred.
“If somebody does something in the United States of America that we can’t tolerate, we will act.”