| Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
|
|
|
National Defense > Blog > Posts > Legislation to Counter Dangerous Cyber-Attacks Stalled
|
9/26/2013By Yasmin Tadjdeh 
Legislation to facilitate information sharing about cyber-attacks between the government and the private sector has stalled in Congress and one House leader is blaming the Senate.
"What we need to have happen is real-time sharing, so that you [the private sector] share with the government, 'Hey, I got hit with this malicious source code. It's really ugly,' in real time,” said Rep. Michael Rogers, R-Mich., chairman of the House Intelligence Committee.
The Senate doesn't quite understand the importance of cybersecurity and is holding up the passage of the Cyber Intelligence Sharing and Protection Act, he said at the U.S. Chamber of Commerce's Cybersecurity Summit on Sept. 25. Some form of the bill needs to pass in order to protect Americans and their assets, he added.
The government is not prepared to deal with major attacks. When one-sixth of the economy is facilitated through the Internet, and the country's security is not up to par, that’s a problem, Rogers said.
CISPA was originally introduced in 2011 and was meant to provide information sharing between the private and public sectors. Critics said it would degrade civil liberties, while proponents said it would encourage industries to share details about dangerous cyber-attacks. The bill cleared the House of Representatives, but failed to pass the Senate in 2012. The bill has since stalled after being reintroduced this session.
One of the biggest issues currently holding CISPA back is widespread misinformation. Better education is needed to prove that the act would not infringe on civil liberties, as critics have claimed, said Rogers. Jokingly, he added that cybersecurity needs a campaign akin to Smokey the Bear, who could perhaps be called "Freddy the Firewall."
“It seems really simple, but we've made this as complicated — and I say 'we' as in the United States of America, our debate in Congress — as complicated as we possibly can,” he said.
The recent National Security Agency wiretapping scandal has only worsened the chances of passing CISPA, Rogers said. American citizens have reservations that the government is spying on them, and that is not true, he said.
The NSA does not care about the everyday workings of the average American, Rogers said. What the agency is looking for is indications of a potential terrorist attack, he said.
“Someone [is always] filling the canister of flamethrower fear about the ‘Government is watching you and only you.’ I got really bad news; this may hurt some people's feelings here today. The government really doesn't care about what you are talking about on your email. I know that's shocking. They really don't care about what you are posting on your Facebook,” said Rogers.
The scandal has taken away valuable time from congressional and government agency officials who now have to contend with constant questions about the nature of NSA snooping when there are much bigger issues to deal with, Rogers said.
"We're getting attacked by the Chinese, the Russians, the Iranians [and] now the North Koreans are thinking they would like to get in the game of cyber," said Rogers. "And we're spending all our time in this country talking about how bad the people who are trying to stop those people are. We better wake up and we better shake ourselves out of it, or we are going to be in real trouble."
While Congress fights over the details of the bill, threats are growing, said Kevin Mandia, CEO of Mandiant Corporation, a Washington, D.C.-based cybersecurity company.
Earlier this year, Mandiant released a report that blamed Unit 61398 of China’s People’s Liberation Army for numerous cyber-attacks. The unit, which is based in Shanghai, has stolen hundreds of terabytes of data from at least 141 organizations, according to the report.
Both the private and public sector face an asymmetrical landscape when it comes to stopping these types of attacks, Mandia said.
“One bad guy needs to break into one system, and one good guy needs to protect 400,000 machines. That's not fair,” said Mandia.
But the private sector doesn't have to wait for CISPA, or some version of it to pass, he said. Companies need to start voluntarily sharing information now, then if CISPA does pass, it will have the architecture already built.
Finding a solution to the network security problem is essential, said retired Adm. Thad Allen, former commandant of the Coast Guard. During a keynote speech at the summit, he quoted former Defense Department Secretary Leon Panetta's fears of a “cyber Pearl Harbor” event. Allen said he is not afraid of such an event because Pearl Harbor was a surprise, and in this case, there is no question that a major attack will happen eventually.
"In my view, I don't lay awake at night thinking about a cyber Pearl Harbor. I do worry about a cyber Desert One,” said Allen.
Desert One, or Operation Eagle Claw, was a 1980 mission to rescue 52 hostages during the Iranian hostage crisis. The event was a failure, with a number of servicemen dying in a helicopter crash. It resulted in humiliation for the then-Jimmy Carter administration and was the catalyst for a number of reforms in the Defense Department.
But Michael Leiter, former director at the National Counterterrorism Center, said a cyber Pearl Harbor is already here, it just doesn't look like people thought it would.
"We're having a Pearl Harbor today. It just happens to be a Pearl Harbor of slow-moving deadly gas rather than things blowing up,” said Leiter.
Photo Credit: Thinkstock
| Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
| Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XsnLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | FileType | xsn | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.2 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.3 | 255 | | Edit in Browser | /_layouts/images/icxddoc.gif | /blog/_layouts/formserver.aspx?XmlLocation={ItemUrl}&OpenIn=Browser | 0x0 | 0x1 | ProgId | InfoPath.Document.4 | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsx | 255 | | View in Web Browser | /_layouts/images/ichtmxls.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&DefaultItemOpen=1 | 0x0 | 0x1 | FileType | xlsb | 255 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsx | 256 | | Snapshot in Excel | /_layouts/images/ewr134.gif | /blog/_layouts/xlviewer.aspx?listguid={ListId}&itemid={ItemId}&Snapshot=1 | 0x0 | 0x1 | FileType | xlsb | 256 |
|
|
|
|
|
|
|