Archive

Archive for the ‘Cybersecurity Legislation’ Category

Senate Committee Approves Cyber Legislation

Thursday, August 5, 2010 | 3:15 PM 1 comment

From the National Journal’s Congress Daily:

A Senate committee today approved legislation that gives the Energy secretary power to issue emergency orders for imminent cybersecurity threats to the electric grid.

The Energy and Natural Resources Committee was initially considering a similar measure that passed the House in June. Sponsored by Global Warming Chairman Edward Markey, that bill grants the Federal Energy Regulatory Commission — not the Energy secretary — the authority to issue emergency orders to protect the power grid if the president declares an imminent cybersecurity threat. The Senate’s measure gives authority to FERC for risks that are not as imminent.

The point behind designating power to a single person rather than an agency like FERC is to help ensure a more rapid response.

The measure approved today is actually the cybersecurity title from a sweeping energy bill the Energy and Natural Resources Committee approved last year. The panel swapped the House language for the Senate’s language with hopes it would have a better chance of passing the upper chamber.

“Both the House and the Senate developed thoughtful, and needed, cyber bills which address many of the same issues,” said Bill Wicker, spokesman for Energy and Natural Resources Chairman Jeff Bingaman. “We think that the Senate’s version is more likely to move more quickly on this side of the Capitol. And that is our main objective — to have Congress act quickly on this critically important issue.”

Moderate members from both parties doubt though that the Senate has the political will to pass such a bill.

“I don’t see many things that can get bipartisan support yet this year,” Sen. Ben Nelson, D-Neb., said today.

While noting that cybersecurity is a serious issue that deserves consideration, Nelson said that “what seems to be driving most of the policy decisions over here is the outcome of this next election.”

Sen. Lindsey Graham, R-S.C., predicted no big measures will pass before November, noting that cybersecurity is a national security issue and thus qualifies.

The cybersecurity measure was one of 17 bills the energy committee approved today without a single Republican present. The GOP members wanted the panel to postpone the markup until after the August recess. Noting the dwindling legislative calendar, the majority decided to move forward now, Wicker said.

While taking issue with the procedural side of the markup and some of the other energy bills that passed today, Energy and Natural Resources ranking member Lisa Murkowski does not have any objections to the cybersecurity measure, her spokesman said.

Of the 17 bills approved today, six deal with energy and 11 with public lands. The energy bills include those that incentivize electric vehicle technology and solar energy, and one that creates a Supply Star program within the Energy Department. The program would incentivize the use of efficient supply chains by companies.

Read more…

Advertisements

Cracking Code and Taking Cyber Heat

Wednesday, July 7, 2010 | 5:30 PM Leave a comment

Calling all coding gurus and cyber geeks:  Wired’s Danger Room this afternoon is asking readers to attempt to crack an embedded military code.  According to the report, the US military’s new Cyber Command has created a logo for its organization, which includes the code “9ec4c12949a4f31474f299058ce2b22a” around the logo’s inner ring.

On the topic, a source close to CyberCom told Wired, “It is not just random numbers and does ‘decode’ to something specific.”  Although Wired has yet to explain the code’s exact meaning, the article has generated over 125 comments and translation attempts, including several suggestions that the message says “Poder Cybernetico,” meaning “Cyber Power.”

And while ‘cyber power’ may be turning up in a security logo, it’s apparently missing from a security office — That is, the Department of Homeland Security.  Continuing to catch heat for its mismanagement, DHS is “missing the mark,” Rep. Bennie Thompson (D-MS), chairman of the House Homeland Security Committee, said in a statement published by Homeland Security Today.

According to the report, a Bottom Up Review (BUR) conducted by DHS and yet to be released to the public, has five missions: “preventing terrorism and enhancing security, securing and managing US borders, enforcing and administering US immigration laws, safeguarding and securing cyberspace, and ensuring resilience to disasters.”
Read more…

Recapping the July 4 Attack and Calling for a Cyber Step-Up

Tuesday, July 6, 2010 | 9:35 PM 1 comment

Welcome back Cybersecurity News readers…

Over the long weekend, the AP reported that US officials have ruled out the idea that North Korea was behind last year’s July 4 denial-of-service (DoS) cyber attacks on US and South Korean government and corporate websites.

The origin of the attacks, which hit sites including the US Treasury Department and the Federal Trade Commission, was declared a “dead end” by Don Jackson, director of threat intelligence for cybersecurity consulting firm SecureWorks.

According to Jackson, the hackers “pulled it off so well, managed it so well — this was someone who has experience at running these types of attacks.”  Jackson further noted that, with its cyber insight, South Korea may have been the disguised delinquent.

Meanwhile, retired Gen. Wesley Clark advised, “There are a number of national intelligence agencies who are creating cybercapabilities. It’s a natural area of exploration.”  Not ruling out North Korea, Gen. Clark warned, “I wouldn’t underestimate North Korea’s potential in this space.”
Read more…

More Senate Cyber Legislation and House Smart Grid Cyber Concerns

Friday, July 2, 2010 | 3:45 PM 1 comment

The National Journal is reporting this afternoon that seven key Senate Democrats sent a letter to President Obama last night expressing their concerns for the nation’s cybersecurity and calling for “an urgent need for action.”

In the letter, Senators Harry Reid (NC), John Rockefeller (WV), Joe Lieberman (CT), Dianne Feinstein (CA), Carl Levin (MI), Patrick Leahy (VT) and John Kerry (MA) wrote: “We must ensure that the federal government is organized and integrated to facilitate cross-government coordination, broad situational awareness, and agile, effective responses to cyber threats.  We must also ensure that the government has adequate authorities to protect U.S. critical infrastructure and has the institutions in place to ensure effective cooperation and information sharing with key government and private sector actors.”

The senators went on to note that they are “working to develop comprehensive cyber legislation that will endow the federal government with the capabilities and authorities it needs to effectively meet the tremendous challenges of cybersecurity.”  An expected date for the new legislation was not provided.

Over in the House, cybersecurity was also a topic of discussion, as the Committee on Science and Technology’s Subcommittee on Technology and Innovation held a hearing yesterday to discuss smart grid standards and technologies.  A press release on the hearing included the mention of cybersecurity measures to protect the nation’s power grid, which, according to Subcommittee Chairman David Wu (D-OR), “has often been called the biggest machine on Earth.”
Read more…

Cyber Bills: Creating Concerns and Competition

Monday, June 28, 2010 | 4:15 PM Leave a comment

There are “five critical flaws” in the Lieberman-Collins-Carper cybersecurity legislation. That’s according to Jeffrey Carr, who, in an article in Forbes today, said the bill, which passed in the Senate Homeland Security and Governmental Affairs Committee last week, should have us “very concerned.”

According to Carr, a cyber intelligence consultant for the US government, the bill: puts the power grid in the private sectors’ hands, leaving it vulnerable to an attack;  provides the President with cyber authority after an attack occurs, in lieu of being proactive;  provides specific power to the US-CERT, which was recently criticized for its lack of
manpower and authority;  enables energy companies to report, on their own time, if/when they have been attacked, further delaying government response and repair;  and fails to examine all potential sources, internally and internationally, capable of attacking the US.

The solution?  Another cybersecurity bill…

Though it may not be the right answer, Republican Senators Kit Bond and Orrin Hatch have introduced new legislation, the National Cyber Infrastructure Protection Act of 2010.
Read more…

Cybersecurity: “A Long Way Since September 11”

Friday, June 25, 2010 | 10:15 AM Leave a comment

In a letter to the editor this morning in the Washington Post, Philip Reitinger, deputy undersecretary for national protection and programs at the Department of Homeland Security, pointed out that “Cybersecurity has come a long way since September 11.”

Reitinger’s comments come as rebuttal to DHS Inspector General Richard Skinner’s announcement last week that the Department was experiencing shortfalls in the cybersecurity office, the US-CERT.

While Reitinger may be right that the US has made cybersecurity strides over the past nine years, it seems cybersecurity has also picked up momentum over the past few days.

According to The Hill, the Senate Committee on Homeland Security and Governmental Affairs yesterday moved to approve Sens. Lieberman, Collins and Carper’s comprehensive cybersecurity bill, The Protecting Cyberspace as a National Asset Act.  That is, after the much debated “kill switch” portion of the bill was amended “to limit the president’s authority in the event of a cyber emergency.”
Read more…

Cybersecurity Heats Up in Washington

Tuesday, June 22, 2010 | 4:45 PM Leave a comment

Information Week is reporting this afternoon that Senate Majority Leader Harry Reid announced the chamber’s plan to combine several cybersecurity measures currently floating around the floor.

According to the article, Eric Hopkins, federal financial management subcommittee staffer of the Senate Homeland Security and Government Affairs Committee, suggested, “By working together, we can put something together that will be solid and hopefully won’t require too much debate.”

The Information Week article goes on to acknowledge that the Senate homeland security committee bill co-sponsored by Sens. Lieberman, Collins and Carper, as well as the Senate commerce committee bill of Sens. Rockefeller and Snowe are “the two most prominent and comprehensive bills currently circulating.”

Meanwhile, cybersecurity continues to pick up steam, with the Washington Post reporting that the White House Office of Science and Technology announced its plan to sponsor major federal cybersecurity research.  According to Dawn Meyerriecks, deputy director of national intelligence for acquisition and technology, “The government’s about to spend multiple billions of dollars.”
Read more…