From the moment that Japan attacked Pearl Harbor, America learned that it is not an impenetrable fortress protected by thousands of miles of ocean, and on September 11, we were tragically reminded of that fact. Likewise, there is a new kind of threat to the United States that knows no territorial boundaries, but this one travels neither by land, by sea or by air. It’s the threat to America’s cyber security, and today Congress has the opportunity to do something about it.
Whether you know it or not, hackers are busy at work all around the world striking the United States via the Internet in an attempt to steal valuable intellectual property and sensitive information. Using the same methods, these perpetrators of cyber espionage could attack the critical infrastructure that keeps America running, such as the nation’s power grid and water supply.
China is a major cyber espionage culprit. According to the House Permanent Select Committee on Intelligence, U.S. companies have reported Chinese attempts to steal client lists, merger and acquisition data, pricing information, and the results of research and development efforts — all of which gives foreign companies an unfair competitive advantage. That intellectual property theft also costs big money — ranging up to $400 billion per year, not to mention the jobs that go along with it.
Though the United States government has the capability to protect itself against cyber espionage by using both classified and unclassified cyber threat information, the private sector doesn’t get the benefit of this information. Today, the House of Representatives will vote on a crucial bill to do something about it — the Cybersecurity Information Sharing and Protection Act (CISPA), introduced by House Permanent Select Committee on Intelligence chairman Mike Rogers (R-MI) and ranking member Dutch Ruppersberger (D-MD).
Under CISPA, the U.S. government will be able to share information about incoming cyber attacks — that includes providing American companies details on malware, viruses, and other malicious code that pose a threat to their security. That way, attacks can be stopped before they even begin. For their part, the companies would be encouraged to share information about the threats they identify — all on a completely voluntary basis — so that other networks can be protected. And that’s valuable information that computer analysts can use to understand the attack, who launched it, where it’s coming from, and how to protect against other attacks like it.
Civil liberty advocates and other critics of the bill have raised concerns that CISPA is a threat to privacy or could result in the blocking of websites, as was the worry with the Stop Online Piracy Act. However, nothing could be further from the truth
Analysis of the bill shows that CISPA does not allow for any blocking of websites but merely facilitates the sharing of cyberthreat information. It gives no additional authority to the Department of Defense, the National Security Agency, or any other “element of intelligence community to control, modify, require or otherwise direct the cybersecurity efforts of a private-sector entity or a component of the Federal Government or a State, local, or tribal government.”
In addition, the bill includes new measures that would allow the government to use shared cybersecurity information only for a cybersecurity purpose, for a national security purpose, to prevent death or serious bodily harm, or to protect minors from sexual exploitation, kidnapping, and trafficking. That’s in addition to other protections against the improper use of data.
Rogers warns that, “Without important, immediate changes to American cybersecurity policy, I believe our country will continue to be at risk for a catastrophic attack to our nation’s vital networks – networks that power our homes, provide our clean water or maintain the other critical services we use every day.” Rogers is right. As Americans know all too well, the United States is not invincible. Though the nature of the threats may change, the need to defend ourselves remains. The Cybersecurity Information Sharing and Protection Act is a valuable resource in that fight.
Quick Hits:
- President Obama’s broad use of power came under fire in yesterday’s Supreme Court hearing on his Administration’s challenge to Arizona’s immigration law. Justice Sonia Sotomayor — an Obama appointee — told the president’s attorney that his argument is “not selling very well.”
- The United States has begun drone strikes in Yemen against suspected al-Qaeda operatives. The CIA is conducting the strikes under new authority approved by the White House.
- China was hoping to be a world leader on electric cars, pledging billions of dollars for research and calling for annual sales of 500,000 cars by 2015. They’re falling far short and may only sell 2,000 cars this year.
- Charles Taylor, the African warlord, has been convicted for his role in the Sierra Leone atrocities including mass murder, the chopping off of limbs, sexual slavery and the use of child soldiers.
- There’s more to the story on student loans than President Obama is letting on. Find out the truth on The Foundry.