Intelligencer Journal/Lancaster New Era
Feds roll out cybersecurity plan
BY ANNE FLAHERTY, Associated Press
WASHINGTON -- Declaring that America is losing an aggressive cyber-espionage campaign waged from China, administration officials and lawmakers on Wednesday agreed to push legislation that would make it easier for the government and industry to share information about who is getting hacked and what to do about it.
They say this new partnership, codified by law and buoyed by President Barack Obama's new executive order, is critical to keeping countries such as China, Russia and even Iran from rummaging in American computer networks and targeting proprietary data they can use to wreak havoc or compete against U.S. businesses.
The pledge from legislators and Obama's top security aides already has special interest groups scrambling to influence the outcome, which remains uncertain in a bitterly divided Congress focused on other high-priority issues such as immigration and gun control.
"Until Congress acts, President Obama will be fighting to defend this country with one hand tied behind his back," said Senate Majority Leader Harry Reid, D-Nev., who promised Wednesday to advance a bipartisan proposal "as soon as possible."
On Tuesday, Obama signed an executive order that relies heavily on participation from U.S. industry in creating new voluntary standards for protecting information. The order also expands the government's effort to share threat data with companies.
But officials warned that the order doesn't do enough to address the threat they say could paralyze U.S. commerce. At issue is the legal liability facing companies if they divulge information, and whether companies should be compelled to meet certain security standards.
"The government is often unaware of malicious activity targeting our critical infrastructure," said Gen. Keith Alexander, head of the National Security Agency and U.S. Cyber Command.
"These blind spots prevent us from being in a position of helping critical infrastructure defend itself and it prevents us from knowing when we need to defend the nation," Alexander told industry and government officials Wednesday at the Commerce Department.
In the House, Reps. Mike Rogers, R-Mich., and Dutch Ruppersberger, D-Md., both on the Intelligence Committee, have revived their pro-industry legislation that would keep secret any information a company shares with the government. It also would shield businesses from anti-trust litigation if they share threat data with their competitors.
But privacy advocates who helped bring about a veto threat of the legislation last year said the legislation still unfairly gives the secretive NSA a central role in collecting data from the private sector.