securitylock

Washington Responds to Cybersecurity Threats with Recommendations and Legislation

Add Your Comments

When it comes to protection of critical US computers and networks, and the data they contain, the government isn’t doing enough, leading to the legislation that will give the Department of Homeland Security and its partners more power to keep systems safe.

A new US congressional committee report was released Tuesday, entitled “The Federal Government’s Track Record on Cybersecurity and Critical Infrastructure”, prepared by Oklahoma Senator Tom Coburn and the Homeland Security and Governmental Affairs Committee. Sen. Coburn sums up the threat in a statement: “Weaknesses in the federal government’s own cybersecurity have put at risk the electrical grid, our financial markets, our emergency response systems and our citizens’ personal information.”

This week, the House Homeland Security Committee voted unanimously in favor of a bill that would amend the Homeland Security Act of 2002 to give the DHS its private cybersecurity partners more power to prevent federal government and critical infrastructure networks. But this additional power, proponents say, is balanced by codification of responsibilities to ensure it doesn’t infringe on Americans’ civil liberties.

Patrick Meehan, chairman of the House Homeland Security Committee Subcommittee on Cybersecurity, said in a statement, “It’s only a matter of time before our power grids or financial networks are the latest victims of hackers.”

Congress’ Track Record report compiles the results of more than 40 department audits, investigations and reviews, including many severe vulnerabilities.

For instance, the Nuclear Regulatory Commission stored sensitive cybersecurity details for nuclear plants on an unprotected shared drive, making them more vulnerable to hackers and cyberthieves. Internal Revenue Service computers were been found to have literally thousands of serious vulnerabilities because critical software patches have not been installed. And in 2012, the Securities and Exchange Commission mishandled and potentially exposed critically sensitive information, including diagrams of how to hack into trading exchanges.

The Congressional report notes, however, that simple fixes like using stronger passwords, and applying patches and updates in a timely manner, would be enough to fix many of these critical vulnerabilities.

“Weaknesses in the federal government’s own cybersecurity have put at risk the electrical grid, our financial markets, our emergency response systems and our citizens’ personal information,” Sen. Coburn said.

In many cases, vulnerabilities in government systems put private enterprises and individuals at risk, but some worry that legislation could give government agencies overarching power over the security of private organizations, which seems like a mistake given its track record.

About the Author

David Hamilton is a Toronto-based technology journalist who has written for the National Post and other news outlets. He has covered the hosting industry internationally for the Web Host Industry Review with particular attention to innovative hosting solutions and the issues facing the industry. David is a graduate of Queen’s University and the Humber College School of Media Studies.

Add Your Comments

  • (will not be published)