It’s Thursday, and boy what a Thursday it is…
For Thursday before noon just kidding, President Biden will address the Colonial Pipeline ransomware attack that left the pipeline shut-down sometime in the near future. This will be after he has received his daily brief. He has other events planned for this afternoon.
In light of recent events, I will not be posting the timestamps of President Biden’s tweets. Yeah, I’m cutting corners, but no worries, they will not be context related.
When Wednesday’s Open Thread was posted President Biden had not tweeted. He ended up with 6 tweets and 0 retweets for Wednesday.
Only one tweet was unrelated to the coronavirus pandemic, his first tweet.
The White House posted a read out of the meeting to discuss the American Jobs Plan and the American Families Plan and other ways to spend a lot of money I’m sure.
Today, President Biden hosted the bipartisan, bicameral Congressional Leadership for a productive meeting about how to further make government work for American families during this moment of crisis.
White House.gov. 05/12/2021.
The President enjoyed hosting Speaker Pelosi, Leader Schumer, Leader McConnell, and Leader McCarthy, and spent the nearly two hours working with them to identify areas where they could collaborate, especially with regard to infrastructure, on which the leaders agreed there was a need for investment.
The President reiterated that he ran to be a leader for all Americans — regardless of who they voted for, that he believes there are many crucial areas where his administration and both parties in Congress can come together, and that in this unprecedented moment the American people expect us to put the interests of families above our disagreements.
He expressed appreciation for the important priorities on which the parties had been able to work together so far, and that he wants to work diligently to build on those.
The President also emphasized that whatever differences exist between the parties, the real competition is between the United States and the rest of the world, and that other countries are not waiting for us to equip our people to win in the 21st Century — and that there is nothing we cannot do as a country when we do it together.
After his meeting with the bipartisan group of leadership he offered remarks regarding the coronavirus response and the vaccination program.
The video feed is 18 minutes and 3 seconds long. President Biden’s remarks begin at the 1 minute and 40 second mark. His full remarks can be found here. The timestamp says he spoke from 4:12 p.m., until 4:27 p.m. D.C., time.
Speaking of the 12-15 year old vaccination announcement…
And in case you didn’t catch it the first two times, maybe the third time will be the charm…
It appears the video is an independent message to parents and not related to his remarks.
President Biden: To all the parents out there, there’s some good news: your children ages 12-15 can get vaccinated now. Go to vaccines.gov. Find the nearest place you can get a vaccination. It’s easy, it’s free, it’s convenient, and we’re all counting on you. We need you all to get vaccinated, please.
From his remarks regarding 12-15 years now being eligible for one of the vaccines available.
So, today, I want to talk about an exciting new development. When I spoke last week, I said that we were hoping to soon add a new element to our vaccination program: vaccinations for adolescents ages 12 and older.
And then, on Monday, after a rigorous and thorough review, the Food and Drug Administration — the FDA — authorized Pfizer vaccine for use in that age category: 12 and up.
Today, an independent advisory committee to the Centers for Disease Control and Prevention — the CDC — voted to recommend its use. Now pending the C- — CDC’s final approval later today, we’re going to have, for the first time, a safe and effective COVID-19 vaccine for adolescents over the 12 years of age. And this is one more giant step in our fight against the pandemic.
I sincerely think the scientists, researchers, and clinical trial participants deserve our thanks; they’ve all made this possible. Because of them, nearly 17 million more Americans are eligible to get vaccinated, and now — now.
I encourage each of them and their parents to get their vaccination shots right away. And here’s why: We know that kids at this — at this age, 12 and above, are at risk from COVID-19. About 3 million COVID-19 cases have been reported in kids under 17 years of age. And teenagers can spread it to their friends, to their siblings, to their parents, and to their grandparents. Now that vaccine is authorized for ages 12 and up, and I encourage their parents to make sure they get the shot.
As I promised last week, we’re ready. This new population is going to find the vaccine rollout fast and efficient. As of tomorrow, more than 15,000 pharmacies across this country will be ready to vaccinate this age group. Most of these pharmacies are close to a family — as their family home — as the kid’s school is to their family home.
The bottom line is this: The vaccine for kids between the ages of 12 and 15 are safe, effective, easy, fast, and free.
So, my hope is that parents will take advantage of the vaccine and get their kids vaccinated.
White House.gov. 05/12/2021.
His one non-related to the announcement that 12-15 year-old’s could now get the Pfizer vaccine comes from his opening remarks regarding the coronavirus pandemic.
President Biden: Good afternoon again. Tomorrow, we will cross 250 million vaccine shots administered since I took office. I think it’s a pretty consequential achievement for the nation.
His first tweet so far for Thursday is…wait for it…
Surprise!!!!
President Biden *(4:33): When I spoke last week, I said that we were hoping to soon add a new element to our vaccination program: vaccinations for adolescents ages 12 and older. And then, on Monday, after a rigorous and thorough review, the Food and Drug Administration — the FDA — authorized Pfizer vaccine for use in that age category: 12 and up. Today, an independent advisory committee to the Centers for Disease Control and Prevention — the CDC — voted to recommend its use. Now pending the C- — CDC’s final approval later today, we’re going to have, for the first time, a safe and effective COVID-19 vaccine for adolescents over the 12 years of age. And this is one more giant step in our fight against the pandemic. I sincerely think the scientists, researchers, and clinical trial participants deserve our thanks; they’ve all made this possible. Because of them, nearly 17 million more Americans are eligible to get vaccinated, and now — now.
*The timestamp was taken from the live feed he shared via Twitter yesterday.*
Just as I was finding a way to bring back ‘what fresh hell is this,’ President Biden has to address the gasoline pipeline issue before noon. So, sadly, the fresh hell is on hold until tomorrow, probably.
As the News Blender covered on May 10th, 2021, Colonial Pipeline, the largest pipeline in the U.S., was hit by a cyber attack.
The largest fuel pipeline in the United States was hit by a cyberattack on Friday. The company which controls the equipment, Colonial Pipeline, issued a statement admitting they had been forced to temporarily shut down the conduit’s operation. As of Monday morning, all four main lines remain unusable and have been unable to transfer fuel to cities between its origin at Houston-area refineries and the primary endpoint in New York harbor.
the News Blender. 05/10/2021.
The ransomware attack left states panic-buying gasoline as a result of the shutdown. On Wednesday, President Biden issued an Executive Order on “charting a new course to improve the nation’s cybersecurity and protect federal government networks,” I should note here, that Colonial Pipeline is a private business.
From the fact-sheet:
Today, President Biden signed an Executive Order to improve the nation’s cybersecurity and protect federal government networks. Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals. These incidents share commonalities, including insufficient cybersecurity defenses that leave public and private sector entities more vulnerable to incidents.
White House.gov. 05/12/2021.
- Remove Barriers to Threat Information Sharing Between Government and the Private Sector. The Executive Order ensures that IT Service Providers are able to share information with the government and requires them to share certain breach information. IT providers are often hesitant or unable to voluntarily share information about a compromise. Sometimes this can be due to contractual obligations; in other cases, providers simply may be hesitant to share information about their own security breaches. Removing any contractual barriers and requiring providers to share breach information that could impact Government networks is necessary to enable more effective defenses of Federal departments, and to improve the Nation’s cybersecurity as a whole.
- Modernize and Implement Stronger Cybersecurity Standards in the Federal Government. The Executive Order helps move the Federal government to secure cloud services and a zero-trust architecture, and mandates deployment of multifactor authentication and encryption with a specific time period. Outdated security models and unencrypted data have led to compromises of systems in the public and private sectors. The Federal government must lead the way and increase its adoption of security best practices, including by employing a zero-trust security model, accelerating movement to secure cloud services, and consistently deploying foundational security tools such as multifactor authentication and encryption.
- Improve Software Supply Chain Security. The Executive Order will improve the security of software by establishing baseline security standards for development of software sold to the government, including requiring developers to maintain greater visibility into their software and making security data publicly available. It stands up a concurrent public-private process to develop new and innovative approaches to secure software development and uses the power of Federal procurement to incentivize the market. Finally, it creates a pilot program to create an “energy star” type of label so the government – and the public at large – can quickly determine whether software was developed securely. Too much of our software, including critical software, is shipped with significant vulnerabilities that our adversaries exploit. This is a long-standing, well-known problem, but for too long we have kicked the can down the road. We need to use the purchasing power of the Federal Government to drive the market to build security into all software from the ground up.
- Establish a Cybersecurity Safety Review Board. The Executive Order establishes a Cybersecurity Safety Review Board, co-chaired by government and private sector leads, that may convene following a significant cyber incident to analyze what happened and make concrete recommendations for improving cybersecurity. Too often organizations repeat the mistakes of the past and do not learn lessons from significant cyber incidents. When something goes wrong, the Administration and private sector need to ask the hard questions and make the necessary improvements. This board is modeled after the National Transportation Safety Board, which is used after airplane crashes and other incidents.
- Create a Standard Playbook for Responding to Cyber Incidents. The Executive Order creates a standardized playbook and set of definitions for cyber incident response by federal departments and agencies. Organizations cannot wait until they are compromised to figure out how to respond to an attack. Recent incidents have shown that within the government the maturity level of response plans vary widely. The playbook will ensure all Federal agencies meet a certain threshold and are prepared to take uniform steps to identify and mitigate a threat. The playbook will also provide the private sector with a template for its response efforts.
- Improve Detection of Cybersecurity Incidents on Federal Government Networks. The Executive Order improves the ability to detect malicious cyber activity on federal networks by enabling a government-wide endpoint detection and response system and improved information sharing within the Federal government. Slow and inconsistent deployment of foundational cybersecurity tools and practices leaves an organization exposed to adversaries. The Federal government should lead in cybersecurity, and strong, Government-wide Endpoint Detection and Response (EDR) deployment coupled with robust intra-governmental information sharing are essential.
- Improve Investigative and Remediation Capabilities. The Executive Order creates cybersecurity event log requirements for federal departments and agencies. Poor logging hampers an organization’s ability to detect intrusions, mitigate those in progress, and determine the extent of an incident after the fact. Robust and consistent logging practices will solve much of this problem.
The Executive Order can be found here, and the background press briefing can be found here.
Colonial Pipeline announced via Twitter that the pipeline has returned to service.
Energy Secretary Jennifer Granholm told CNN’s New Day that people should start seeing a return to normalcy by the end of the weekend, hopefully, that is.
In breaking news on Thursday just ahead of President Biden’s remarks Bloomberg reported that according to two people familiar with the matter that the company paid $5 million to “Eastern European hackers on Friday, contradicting reports earlier this week that the company had no intention of paying an extortion fee to help restore the country’s largest fuel pipeline.” The payment Bloomberg says was paid for in cryptocurrency “within hours of the attack.”
According to a third person familiar with the situation the federal government is aware that company paid the hefty ransom.
President Biden’s remarks on the pipeline.
The daily press briefing is scheduled for 12:30 but will likely be pushed back some since President Biden’s remarks haven’t started yet.
This is an Open Thread.
