
Cyber Security is Focus of Recent Biden Executive Order

By Abigail Huitzil

President Joe Biden signed an Executive Order on May 12, 2021 to strengthen federal government networks following recent cyber attacks that call into question the security of both the public and private sectors. Following the recent problems faced by SolarWinds, Microsoft Exchange, and the Colonial Pipeline, it was obvious that something needed to be done. These three major cybersecurity incidents show that the United States’ public and private sectors are at risk of hostile cyber activity from executive imposters and cyber criminals.

SolarWinds
SolarWinds, a crucial U.S. information technology firm, was the victim of a cyberattack that involved the SolarWinds Orion system. The hackers placed malicious code into software updates issued by SolarWinds, which were sent out on March 26, 2020. More than 18,000 SolarWinds clients installed these tainted updates, and the attack went undetected. The cyberattack impacted government agencies, such as the Pentagon and the Department of Homeland Security, as well as private companies, like Microsoft and Cisco, and other organizations, like the California Department of State Hospitals.

The purpose of the cyberattack remains a mystery, but for all we know, the main target was government agencies that use the SolarWinds IT management systems. This is a scary prospect for the government and for everyday consumers. Federal investigators and cybersecurity professionals have assumed that Russia’s Foreign Intelligence Service is most likely responsible for the cyberattack. Russia, of course, has denied participating in the act.

“Malicious activities in the information space contradict the principles of the Russian foreign policy, national interests and understanding of interstate relations,” stated the Russian government. Russia also stated, “Russia does not conduct offensive operations in the cyber domain.”

Naydelin Huelitl, a Passaic High School senior, has also expressed, “Getting hacked is very scary, knowing it is easy for hackers to do. Knowing your private information was leaked or stolen is frightening since it has happened to people, not only companies. These hackers have stolen money, credit cards, identification and many other things. I would want my information to be protected and difficult for these hackers to obtain.”

Microsoft Exchange
Similarly, on March 2, 2021, Microsoft revealed that Hafnium, a Chinese state-sponsored hacking group, was responsible for exploiting holes in Exchange, a mail server designed by Microsoft. The hackers were able to get access without directly interacting with those affected. Exchange is used by a variety of customers, including small businesses and state governments.

Hackers were able to get their hands on emails and insert malicious hardware for the purpose of spying on their targets, impacting around 30,000 customers. The purpose of the cyberattack remains unknown, but it is speculated that it might have been a practice run for a much larger attack. The incident proves the importance of strong passwords and multi-factor authentication.

Peter Firstbrook, a Gartner analyst, said, “The hackers’ endgame is not the on-premises servers they put web shells in, but setting themselves up for future attacks of higher value targets those servers may be connected to.”

Ashley Rivera, a Passaic High School senior, has also stated, “Thinking about getting hacked is petrifying. When I think about hackers getting information from random people, it makes me feel unsafe thinking about them stealing my identity. When situations like this happen, it makes me doubt whether my passwords are strong enough and question if they are hacking into my phone. As a woman, this situation makes me feel paranoid since hackers could be spying on you, which can potentially lead to the issue of trafficking people.”

Colonial Pipeline
The Colonial Pipeline, an American oil pipeline company, was likewise attacked on May 7, 2021. The Colonial Pipeline hackers, also known as DarkSide, were able to access the system by stealing a single password for a VPN account, which ultimately affected the airline industry and caused fears of a gas shortage. VPNs provide encrypted access into a corporate network.

Colonial Pipeline Chief Executive Joseph Blount stated, “In the case of this particular legacy VPN, it only had single-factor authentication. It was a complicated password, I want to be clear on that. It was not a Colonial123-type password.”

DarkSide acquired 100 gigabytes of data within two hours. Afterwards, DarkSide placed ransomware into the Colonial Pipeline IT network, which affected the functionality of its computer systems. The hackers eventually demanded a ransom of 75 bitcoin, which was valued at $4.4 million at the time. Colonial Pipeline paid the amount asked for in order to obtain the decryption key and regain its systems. Fortunately, the FBI was able to follow the bitcoin payment trail and recover part of the ransom: 64 of the 75 bitcoin were recovered.

Oliver Huitzil, a Passaic High School sophomore, has expressed, “Colonial Pipeline was asking to get hacked. Although they had a password, there was no two-factor authentication involved, which would have made it more difficult for hackers to hack. Their password was very weak, as you can see. Not to mention, the bitcoin can easily be traced down back to its receiver and with that information, you can find the location or the area where the hack was enabled. In this case, the hackers got outsmarted.”

Executive Order
The Executive Order will guarantee that technology service providers share information with the government, especially breach information. It will encourage the federal government to adopt cloud services and zero-trust architecture, meaning that no application that connects to its systems will be assumed to be safe. It will also encourage the use of security tools, such as multi-factor authentication and encryption. Likewise, the Executive Order will set security standards for software sold to the government itself. It will create a Cybersecurity Safety Review Board to inspect major cyber attacks and brainstorm suggestions for strengthening security.

The Executive Order promises to organize a playbook for cyber attack response. It will implement a government-wide endpoint detection and response system and cybersecurity event log rules. This is the first step toward improving national security in order to reduce the number of cyber attacks in the near future.

Combating Cyber Problems Way Before
In 1993, President Bill Clinton was urged by a panel of security experts to begin taking action on cyberthreats. As a result, several initiatives and policies were established. The United States government has employed well-prepared people in cybersecurity roles across many departments, such as the military sector.

The United States government has also developed strong relationships with federal agencies, such as the National Security Agency (NSA) and the Department of Homeland Security (DHS), which serve as cyber risk advisors. There is also the United States Cyber Command (USCYBERCOM), which helps shape the Department of Defense’s cyber capabilities.

Furthermore, there are laws and standards, such as the Federal Information Security Management Act (FISMA), which requires federal agencies to outline a security and protection program. Last but not least, Information Sharing and Analysis Centers (ISACs) are responsible for sharing threat information with different sectors.

The success of these attacks by foreign actors in the United States is a scary prospect. We as a nation need to have secure systems, and this executive order is a step in the right direction.
