landmark legislation called the Digital Services Act, which requires social media platforms like Twitter to more aggressively police their services for hate speech, misinformation and illicit content.

The new law will require Twitter and other social media companies with more than 45 million users in the European Union to conduct annual risk assessments about the spread of harmful content on their platforms and outline plans to combat the problem. If they are not seen as doing enough, the companies can be fined up to 6 percent of their global revenue, or even be banned from the European Union for repeat offenses.

Inside Twitter, frustrations have mounted over Mr. Musk’s moderation plans, and some employees have wondered if he would really halt their work during such a critical moment, when they are set to begin moderating tweets about elections in Brazil and another national election in the United States.

Adam Satariano contributed reporting.


Volunteer Hackers Converge on Ukraine Conflict With No One in Charge

Ukraine has been more deliberate about recruiting a volunteer hacking force. In Telegram channels, participants cheer their collaboration with the government in going after targets such as Sberbank, the Russian state-owned bank. From Russia, where links between the government and hacking groups have long raised alarms among Western officials, there have not been the same kinds of overt calls to action.

“We are creating an I.T. army,” Ukraine’s minister of digital transformation, Mykhailo Fedorov, tweeted on Saturday, directing cybersecurity enthusiasts to a Telegram channel that contained instructions for knocking Russian websites offline. “There will be tasks for everyone.” By Friday, the Telegram channel had more than 285,000 subscribers.

Inside the main English-language Telegram page for the I.T. Army of Ukraine is a 14-page introductory document providing details about how people can participate, including what software to download to mask their whereabouts and identity. Every day, new targets are listed, including websites, telecommunications firms, banks and A.T.M. processors.

Yegor Aushev, the co-founder of the Ukrainian cybersecurity company Cyber Unit Technologies, said he was flooded with notes after posting on social media a call for programmers to get involved. His company offered a $100,000 reward for those who identify flaws in the code of Russian cyber targets.

Mr. Aushev said there were more than 1,000 people involved in his effort, working in close collaboration with the government. People were only allowed to join if somebody vouched for them. Organized into small groups, they were aiming to hit high-impact targets like infrastructure and logistics systems important to the Russian military.

“It’s become an independent machine, a distributed international digital army,” Mr. Aushev said. “The biggest hacks against Russia will be soon,” he added, without elaborating.

A government spokesman confirmed the work with Mr. Aushev.

Figuring out who is behind a cyberattack is always difficult. Groups falsely take credit or boast of a bigger impact than actually occurred. But this week there was a string of attacks against Russian targets. The country’s largest stock exchange, a state-controlled bank and the Russian Foreign Ministry were taken offline for a time after being targeted by Ukraine’s volunteer hackers.


Uber Survived the Spying Scandal. Their Careers Didn’t.

The relationship was tense, Mr. Gicinto recalled, and both men seemed uneasy about sharing leadership.

Still, their work ramped up quickly. The group, which grew to include dozens of employees, wanted to keep track of Uber’s competitors overseas, whether they were taxi drivers or executives at the Chinese ride-hailing firm Didi. But they also needed to protect their own executives from surveillance, and fend off web-scraping operations, which used automated systems to collect information about Uber’s pricing and driver supply.

It was an overwhelming task. To keep up, the team outsourced some of the projects to intelligence firms, which sent contractors to infiltrate driver protests. Other work was done in house, as Uber built its own scraping system to gather large amounts of competitor data. Scraping public data is legal, but the law limits the use of such data for commercial purposes.

The team rushed to hire more staff, and Mr. Gicinto recruited people he knew from his time at the C.I.A.: a fellow agent, Ed Russo, and Jake Nocon, a former agent for the Naval Criminal Investigative Service, who met Mr. Gicinto when they worked at the Joint Terrorism Task Force in San Diego.

When Jean Liu, Didi’s chief executive, visited the Bay Area, Uber had her tailed. And when Travis Kalanick, Uber’s chief executive at the time, traveled to Beijing, employees tried to throw off Didi’s surveillance teams, shuttling Mr. Kalanick’s phones to other hotels so his location would ping in a place he wasn’t.

“To us, every bit of this was this game of helping our executives carry out their meetings without divulging who they were meeting,” Mr. Henley, who led Uber’s global threat operations, said. “And it was super fun, right? It was a cat-and-mouse game going back and forth.”


How China Transformed Into a Prime Cyber Threat to the U.S.

Nearly a decade ago, the United States began naming and shaming China for an onslaught of online espionage, the bulk of it conducted using low-level phishing emails against American companies for intellectual property theft.

On Monday, the United States again accused China of cyberattacks. But these attacks were highly aggressive, and they reveal that China has transformed into a far more sophisticated and mature digital adversary than the one that flummoxed U.S. officials a decade ago.

The Biden administration’s indictment for the cyberattacks, along with interviews with dozens of current and former American officials, shows that China has reorganized its hacking operations in the intervening years. While it once conducted relatively unsophisticated hacks of foreign companies, think tanks and government agencies, China is now perpetrating stealthy, decentralized digital assaults of American companies and interests around the world.

Hacks that were conducted via sloppily worded spearphishing emails by units of the People’s Liberation Army are now carried out by an elite satellite network of contractors at front companies and universities that work at the direction of China’s Ministry of State Security, according to U.S. officials and the indictment.

like Microsoft’s Exchange email service and Pulse VPN security devices, which are harder to defend against and allow China’s hackers to operate undetected for longer periods.

“What we’ve seen over the past two or three years is an upleveling” by China, said George Kurtz, the chief executive of the cybersecurity firm CrowdStrike. “They operate more like a professional intelligence service than the smash-and-grab operators we saw in the past.”

China has long been one of the biggest digital threats to the United States. In a 2009 classified National Intelligence Estimate, a document that represents the consensus of all 16 U.S. intelligence agencies, China and Russia topped the list of America’s online adversaries. But China was deemed the more immediate threat because of the volume of its industrial trade theft.

But that threat is even more troubling now because of China’s revamping of its hacking operations. Furthermore, the Biden administration has turned cyberattacks — including ransomware attacks — into a major diplomatic front with superpowers like Russia, and U.S. relations with China have steadily deteriorated over issues including trade and tech supremacy.

China’s prominence in hacking first came to the fore in 2010 with attacks on Google and RSA, the security company, and again in 2013 with a hack of The New York Times.

breach of the U.S. Office of Personnel Management. In that attack, Chinese hackers made off with sensitive personal information, including more than 20 million fingerprints, for Americans who had been granted a security clearance.

White House officials soon struck a deal that China would cease its hacking of American companies and interests for its industrial benefit. For 18 months during the Obama administration, security researchers and intelligence officials observed a notable drop in Chinese hacking.

After President Donald J. Trump took office and accelerated trade conflicts and other tensions with China, the hacking resumed. By 2018, U.S. intelligence officials had noted a shift: People’s Liberation Army hackers had stood down and been replaced by operatives working at the behest of the Ministry of State Security, which handles China’s intelligence, security and secret police.

Hacks of intellectual property that benefited China’s economic plans originated not from the P.L.A. but from a looser network of front companies and contractors, including engineers who worked for some of the country’s leading technology companies, according to intelligence officials and researchers.

It was unclear how exactly China worked with these loosely affiliated hackers. Some cybersecurity experts speculated that the engineers were paid cash to moonlight for the state, while others said those in the network had no choice but to do whatever the state asked. In 2013, a classified U.S. National Security Agency memo said, “The exact affiliation with Chinese government entities is not known, but their activities indicate a probable intelligence requirement feed from China’s Ministry of State Security.”

announced a new policy requiring Chinese security researchers to notify the state within two days when they found security holes, such as the “zero-days” that the country relied on in the breach of Microsoft Exchange systems.

arrested its founder. Two years later, Chinese police announced that they would start enforcing laws banning the “unauthorized disclosure” of vulnerabilities. That same year, Chinese hackers, who were a regular presence at big Western hacking conventions, stopped showing up, on state orders.

“If they continue to maintain this level of access, with the control that they have, their intelligence community is going to benefit,” Mr. Kurtz said of China. “It’s an arms race in cyber.”


E.U. and Britain Move to Impede Belarus’s Access to Air Travel

Airlines are often forced to adjust operations in response to major disruptions, geopolitical and otherwise. This month, for example, several U.S. airlines canceled flights to and from Israel as a conflict there escalated. Some carriers also adjusted procedures, including adding fueling stops, after the hacking of a fuel pipeline company that serves airports on the East Coast of the United States.

In 2014, nearly 300 people were killed when Malaysia Airlines Flight 17 was shot down over Ukraine, where hostilities were raging, on its way to Kuala Lumpur from Amsterdam. Western governments blamed the Russian government and Russian-backed rebels fighting the Ukrainian government, while Moscow denied involvement. The Netherlands sued Russia in the European Court of Human Rights last year in an effort to secure evidence that would be useful to families of the victims.

From 2017 until this year, Qatar Airways was forced to avoid airspace over Saudi Arabia and several neighboring countries after they imposed an air, land and sea embargo against Qatar. In some cases, that meant flying longer routes around the Arabian Peninsula. The neighbors accused Qatar of supporting terrorism. Qatar has denied those accusations.

The movement to isolate Belarus will have little effect on U.S. passenger airlines, which rarely fly over the country, according to Flightradar24. Secretary of State Antony J. Blinken condemned the forced landing of the Ryanair flight, calling it a “shocking act” that “endangered the lives of more than 120 passengers, including U.S. citizens.” Transportation Secretary Pete Buttigieg said the safety of U.S. flights over Belarus should be assessed.

But cargo carriers could be affected. On Sunday, for example, more than a dozen flights operated by U.S. airlines flew over Belarus, according to Flightradar24, including five by FedEx, four by UPS and two by Atlas Air.

In a statement, UPS said that its network remained unaffected, but that it was “evaluating other flight route options that will provide for the safety of our crews and aircraft, as well as maintain service for our customers” in case it had to make changes. FedEx said it was “closely monitoring the issue.”

The International Federation of Air Line Pilots’ Associations and the European Cockpit Association said in a statement that aviation authorities should investigate what had happened and “take swift measures” to prevent similar disruptions. They described Sunday’s episode as a “hazard to the safety of passengers and crew.”


Colonial Pipeline Now Delivering ‘Millions of Gallons’ an Hour, Owner Says

HOUSTON — The Colonial Pipeline, which delivers nearly half the transportation fuel to the Southeast and New York area, resumed full operations on Saturday, eight days after it was shut down by a ransomware attack.

It will still take days before gasoline stations around Washington, D.C., and the Southeast return to normal service, since nearly 2,000 outlets ran out of fuel and it takes time to restock.

Prices at the pump have stabilized, though. Average prices of regular gasoline in Tennessee and South Carolina, two of the hardest hit states, rose by only a penny on Saturday, according to the AAA motor club. Nationwide, gasoline prices remained stable at $3.04, eight cents higher than a week ago. Prices in the states most affected by the shutdown rose by as much as 20 cents a gallon in the last week.

“We have returned the system to normal operations, delivering millions of gallons per hour to the markets we serve,” the operator of the pipeline said on Twitter.

nearly $5 million in Bitcoin to recover its stolen data.

On Friday, DarkSide said it was shutting down because of unspecified “pressure” from the United States.


DarkSide, Blamed for Colonial Pipeline Attack, Says It Is Shutting Down

Since the DarkSide account was opened in March, Elliptic said, it had received $17.5 million from 21 Bitcoin wallets, indicating the number of ransoms it had collected just this spring. Cybersecurity analysts assess that the group has been active since at least August, and has most likely used a number of different Bitcoin wallets to receive ransoms.

The intense scrutiny that followed the Colonial Pipeline attack has clearly unsettled ransomware groups. This week, the operators behind two major Russian-language ransomware platforms, REvil and Avaddon, announced strict new rules governing the use of their products, including bans on targeting government-affiliated entities, hospitals or educational institutions.

The administrator of XSS, a popular Russian-language cybercrime forum, announced an immediate ban on all ransomware activity on the forum, citing, among other things, the bad press associated with the industry. In a statement posted in the forum, the administrator called the attention a “critical mass of harm, nonsense, hype and noise,” saying even the spokesman for President Vladimir V. Putin of Russia had weighed in on the Colonial Pipe attack. (The spokesman, Dmitri S. Peskov, denied that the Kremlin had been involved in the attack on the pipeline.)

“The word ransom has become associated with a whole series of unpleasant things — geopolitics, blackmail, government cyberattacks,” the XSS administrator wrote. “This word has become dangerous and toxic.”

Even if DarkSide has shut down, the threat from ransomware has not passed. Cybercriminal networks often disband, regroup and rebrand themselves in an effort to throw off law enforcement, cybersecurity experts say.

“It’s likely that these ransomware operators are trying to retreat from the spotlight more than suddenly discovering the error of their ways,” said Mark Arena, Intel 471’s chief executive. “A number of the operators will most likely continue to operate in their own close-knit groups, resurfacing under different aliases and ransomware names.”

Indeed, DarkSide gave no indication that its members were getting out of the ransomware business or even letting victims currently infected with the group’s malware off the hook. In its statement, DarkSide said it would hand over its decryption tools to affiliates, giving these intermediaries, who were responsible for infecting computer systems with the group’s malicious software, the ability to negotiate ransoms with victims directly.

“You will be given decryption tools for all the companies that haven’t paid yet,” the statement read. “After that, you will be free to communicate with them wherever you want in any way you want.”

Julian Barnes contributed reporting.


Biden Signs Executive Order to Bolster Federal Government’s Cybersecurity

WASHINGTON — As the East Coast suffered from the effects of a ransomware attack on a major petroleum pipeline, President Biden signed an executive order on Wednesday that placed strict new standards on the cybersecurity of any software sold to the federal government.

The move is part of a broad effort to strengthen the United States’ defenses by encouraging private companies to practice better cybersecurity or risk being locked out of federal contracts. But the bigger effect may arise from what could, over time, become akin to a government rating of the security of software products, much the way automobiles get a safety rating or restaurants in New York get a health safety grade.

The order comes amid a wave of new cyberattacks, more sophisticated and far-reaching than ever before. Over the past year, roughly 2,400 ransomware attacks have hit corporate, local and federal offices in extortion plots that lock up victims’ data — or publish it — unless they pay a ransom.

The most urgent fear is an attack on critical infrastructure, a point made clear this week to Americans, who were panic-buying gasoline. A ransomware attack on Colonial Pipeline’s information systems forced the company to shut down a critical pipeline that supplies 45 percent of the East Coast’s gasoline, diesel and jet fuel for several days.

SolarWinds hack, in which Russia’s premier intelligence agency altered the computer code of an American company’s network management software. It gave Russia broad access to 18,000 agencies, organizations and companies, mostly in the United States.

The new order also requires all federal agencies to encrypt data, whether it is in storage or while it is being transmitted — two very different challenges. When China stole 21.5 million files about federal employees and contractors holding security clearances, none of the files were encrypted, meaning they could be easily read. (Chinese hackers, investigators later concluded, encrypted the files themselves — to avoid being detected as they sent the sensitive records back to Beijing.)

Previous efforts to mandate minimum standards on software have failed to get through Congress, notably in a major showdown nine years ago. Small businesses have said the changes are not affordable, and larger ones have opposed an intrusive role of the federal government inside their systems.

But Mr. Biden decided it was more important to move quickly than to try to fight for broader mandates on Capitol Hill. His aides said it was a first step, and industry officials said it was bolder than they expected.

Amit Yoran, the chief executive of Tenable and a former cybersecurity official in the Department of Homeland Security, said the question on everyone’s mind was whether Mr. Biden’s order would stop the next Colonial or SolarWinds attacks.

“No one policy, government initiative or technology can do that,” Mr. Yoran said. “But this is a great start.”

Government officials have complained that Colonial had poor defenses, and while it established a hard shell around its computer networks, it had no way of monitoring an adversary who got inside. The Biden administration hopes the standards set out in the executive order, requiring multifactor authentication and other safeguards, will become widespread and improve security globally.

Senator Mark Warner, Democrat of Virginia and the chairman of the Senate Intelligence Committee, praised the order but said it would need to be followed by congressional action.

Mr. Warner said recent attacks “have highlighted what has become increasingly obvious in recent years: that the United States is simply not prepared to fend off state-sponsored or even criminal hackers intent on compromising our systems for profit or espionage.”

The new order is the first major public part of a multilayered review of defensive, offensive and legal strategies to take on adversaries around the world. This executive order, however, focuses entirely on deepening defenses, in hopes of deterring attackers because they fear they would fail — or run a higher risk of being detected.

The Justice Department is ramping up a new task force to take on ransomware, after the discovery in recent months that such attacks are more than just extortion; they can bring down sectors of the economy.

Mr. Biden announced sanctions against Russia for the SolarWinds hack, and his national security adviser, Jake Sullivan, has said there will also be “unseen” consequences. So far, the United States has not taken similar action against China’s government for its presumed involvement in another attack, exploiting holes in a Microsoft system used by large companies around the world.

The executive order was first drafted in February in response to the SolarWinds intrusion. That attack was especially sophisticated because hackers working for the Russian government managed to change code under development by the company, which unsuspectingly distributed the malware in an update to its software packages. It was discovered during Mr. Biden’s transition and led him to declare he could not trust the integrity of federal computer systems.

The review board created under the executive order will be co-led by the secretary of homeland security and a private-sector official, based on the specific episode it is investigating at the time, in an effort to win over industry executives who fear the investigations could be fodder for lawsuits.

Because it was created by an executive order, not an act of Congress, the new board will not have the same broad powers as a safety board. But officials are still hopeful it will be valuable in learning of vulnerabilities, improving security practices and urging companies to invest more in improving their networks.

Much of the executive order is focused on information sharing and transparency. It aims to shorten the time it takes for companies that have been victimized by a hack, or that discover vulnerabilities, to share that information with the Cybersecurity and Infrastructure Security Agency.
