WASHINGTON (AP) – A senior Biden administration official says the government is making new efforts to help power utilities, water districts and other potential industries protect themselves from potentially harmful cyberattacks.
“Our goal is to ensure that the management systems serving more than 50,000 Americans have the basic technology to detect and block malicious cyber activity,” said National Security Adviser Anne Neuberg in an interview with the Associated Press on Thursday. “It’s in the sentence. A simple, clear goal, but it takes a lot of work to get there. ”
Public-private partnerships reflect the administration’s concerns about vulnerabilities to hacking systems, including power grids and water treatment plants, that could have catastrophic consequences for American life. Although there is a history of working with utilities, officials believe the threat has grown as more utilities connect to the Internet. Եւ The Biden administration wants to make rapid progress in protecting utility control systems.
At the same time, the administration has responded to two major cyber-attacks in the first 60 days. In the first, Russian hackers cracked a malicious code in a software update that was pushed out by thousands of government agencies, including private companies. The second even more common hackers affected the Microsoft Exchange email program.
Microsoft created a one-click tool to fix the problem after the White House encouraged the company to find a simple way to clean up the massacre. As a result, the number of compromising materials fell from 100,000 to less than 10,000, “it is constantly falling,” Neuberg said.
He said the idea was whether Microsoft could run all the damaged systems to effectively “vaccinate” them. Although it was decided that in this case it will not succeed, the government will continue to work with the private sector to find possible future corrections.
Neuberg is also a key figure in the administration’s response to the so-called SolarWinds crackdown, in which suspected Russian hackers broke into at least nine different federal agencies. The Associated Press reported this week that hackers had accessed e-mail accounts belonging to the Trump administration’s director of internal security and members of the department’s cyber security staff whose jobs included threats of hunting from abroad.
Neuberger said there were “gaps” in the core cybersecurity protection of some of the nine affected agencies, preventing officials from identifying hackers.
He said the administration has identified five specific upgrade efforts to review SolarWinds hacking, including the use of technology that continuously monitors malicious activity and calls for more multifunctional authentication so that systems are not only accessible to stolen passwords.
The critical infrastructure threat was lifted in February after hackers attempted to poison Florida’s small town’s water supply, raising alarms about how vulnerable the country’s utilities are to more sophisticated intruders.
The local sheriff says that the water supply of Oldsmar, with a population of 15,000, was in jeopardy in a short time when an unknown hacker used a remote access program distributed by the factory workers to increase the amount of sodium hydroxide by 100% in a short time. It is used to reduce acidity, but in high concentrations it is very spicy and can burn. It is found in drainage products.
Super Month 13: At around 30, the plant console monitor saw that the cursor was moving across the screen, changing settings, and was able to reverse it immediately. The intruder entered in five minutes. Suspicious incidents are rare, usually due to mechanical or procedural errors, experts say. There are no federal reporting requirements, և state և local rules are very different.
The nation’s 151,000 public water systems do not have the financial enrichment of nuclear power plant owners. They are a heterogeneous patch, less homogeneous in terms of technology and security than in other rich countries.
On Wednesday, the federal prosecutor’s office charged a Kansas resident with allegedly unauthorized access to a computer system in a rural watershed, “taking actions that interrupt the facility, which affects the cleaning and disinfection of facilities.”