The Cyber Information Sharing and Protection Act, AKA CISPA, has once again passed in the US House of Representatives. Reminder that this bill gives government agencies and their other agencies access to personal, private user data to help monitor for the presence of hackers.
Now, when CISPA was first passed, Senate said NO! Also, President Barack Obama has said that he’d veto the bill if it came through his office. Because of the different privacy issues, many advocates against this bill will fight it to the end.
This bill has been backed by bigwig business for a long period of time, almost since the beginning of the talks of this bill. Maybe it could be the big government contract ($$$) for these big businesses that seem attractive or maybe could be the fact that these business truly believe to end hackers’ abilities.
Will it completely stop hacker initiatives? Probably not. However, it would provide the ability to try to limit some of the bigger initiatives.
Government sectors of China, Russia, etc. are a bit of a cyberthreat to the United States, information access is what the US will need if it wants ahead of the game. Do you agree?
Of course the president of the US doesn’t want it passed if it violates the rights of citizens. But, in the end, realize that if money among other things, like personally-identifiable-information were to be stolen every year — and people would realize this, then people should have no problem with their data being accessible to US authorities rather than hackers.
The bright side would be, is if government authorities have access to your private data, it isn’t going to spread around like wildfire, unlike what’d happen if a hacker got a hold of it.
It’s easy to do an Internet search for lists of email addresses, and pull up loads upon loads of private email addresses that hackers posted in public to humiliate those that haven’t been smart enough to keep it secret.
Spammers and phishers, all the time, access your private information on Facebook, if you accidentally click the wrong link or follow a malicious email link – which asks you to ‘enter your Facebook username and password to continue.’
Some people argue that the government doesn’t care for internet users but rather cares for the money they’d get. Well, actually, if you think about it, the government is paying these big businesses to participate in the information sharing process, so the American people’s pocketbooks/wallets can be protected, and their own privacy.
Who else has protested this? Anonymous:
Even the Reddit co-founder is urging the US Government to NOT pass it.
What should be our take? You decide. My vote is neutral. I see this bill as a good thing in spots (because of potentially ending hacker initiatives and malware/virus threats), however, it poses a major privacy threat. For most advocates of privacy, I agree with them.
Your opinion matters too! Contact your local senator and let your voice be heard. It’s usually best to write a letter, which provides good results. Providing written documentation of a fair but firm protest is the best way to go.
It’s been studied for months to issue an Executive Order for Cybersecurity on information sharing of cybersecurity threats between companies. It’s been talked about for years. It’s a pressing issue that with high-level attacks going on targeting critical infrastructures, that information sharing between companies is important. President Barack Obama agrees that this should take effect.
One core problem in information sharing is that data on new threats to security and other cybercrime attacks need to be shared when it happens rather than in the middle of an attack. Usually, some companies will provide some info to other companies, but put it on low priority where the other company (on the receiving end) receive it too late to do anything about it.
As we reported back in late December, 46 US House of Representatives Republicans joined in a letter (PDF) to urge President Barack Obama not to issue the executive order on cybersecurity. The letter of urgency, led by Representatives Marsha Blackburn (Tennessee) and Steve Scalist (Louisiana) was aimed at helping to reduce the amount of government involvement in cyberwar, in hopes not to stir rages with hackers and other pests.
However, if companies don’t band together to help defeat the cybersecurity problems scattering aggressively on the Internet, then every normal internet user will be doing some information and credit card sharing, which could cause money to be robbed out of the pockets of millions of people everyday. But, with this Executive Order, at least companies can share information about cybersecurity threats and prevent people from being robbed, and clean up the situations of data and identity theft.
As we reported late last month, critical infrastructure vulnerabilities are getting out of hand.
“The cyber war has been under way in the private sector for the past year,” says Israel Martinez, a board member of the U.S. National Cyber Security Council, a nonprofit group composed of federal government and private sector executives.
“We’re finding espionage, advanced persistent threats (APTs), and other malware sitting in networks, often for more than a year before it’s ever detected,” Martinez says.
With this information paired with the Department of Defense wanting more cybersecurity workers, the state of National Security will improve along with cybersecurity.
According to Wired Magazine Online, The order, which runs eight pages (.pdf), directs the Attorney General’s office, the office of Homeland Security Secretary Janet Napolitano and the Director of National Intelligence to issue instructions to their agencies that would “ensure the timely production of unclassified reports of cyberthreats to the U.S. homeland that identify a specific targeted entity” to Congress and also develop a program for providing “classified cyber threat and technical information from the Government to eligible critical infrastructure companies or commercial service providers that offer security services to critical infrastructure,” according to the document.
With the government wanting to expand operations to handle critical infrastructure vulnerabilities implementing more workers, to expediting security clearances, they have this to say in the Order:
“It is the policy of the United States Government to increase the volume, timeliness, and quality of cyber threat information shared with U.S. private sector entities so that these entities may better protect and defend themselves against cyber threats.”
Some worry about this order, and hope this is the right thing to do.
“I am concerned that the order could open the door to increased regulations that would stifle innovation, burden businesses, and fail to keep pace with evolving cyberthreats,” Republican Representative Michael McCaul, of Texas, said in a statement.
“The president’s executive order rightly focuses on cybersecurity solutions that don’t negatively impact civil liberties,” ACLU legislative counsel Michelle Richardson said in a statement. “Greasing the wheels of information sharing from the government to the private sector is a privacy-neutral way to distribute critical cyber information.”
We’ll see the state of the internet security landscape as time goes on, as this is just the beginning. In efforts to see this thing through, congress will be keeping a close eye on this issue, and perhaps start adding other measures to support it.
46 US House of Representatives Republicans joined in a letter (PDF) to urge President Barack Obama not to issue the executive order on cybersecurity. The White House is currently drafting an executive order that encourages operators of critical infrastructures (like banks, power grids, etc.) to meet cybersecurity standards.
“Instead of preempting Congress’ will and pushing a top-down regulatory framework, your administration should engage Congress in an open and constructive manner to help address the serious cybersecurity challenges facing our country,” the lawmakers wrote.
The executive order is expected for release in January, which will help protect these vital systems from hackers. It’s highly important that this gets put into action, or the United States can see some issues happen such as power loss, plane crashes, train derailments, etc.
“This framework will work better than attempts to place the government in charge of overseeing minimum standards for industries seeking to invest in new and innovative security solutions,” the Republicans wrote.
The letter of urgency, led by Representatives Marsha Blackburn (Tennessee) and Steve Scalist (Louisiana) is aimed at helping to reduce the amount of government involvement in cyberwar, in hopes not to stir rages with hackers and other pests. However, if something isn’t done very soon, America as we know it could be in a lot of trouble.
Also, earlier this month, The New York Times reported that President Obama ordered similar attacks on the super-computers that run Iran’s nuclear plants.
According to Reuters, “Based on obtained information, America and the Zionist regime (Israel) along with the MI6 planned an operation to launch a massive cyber attack against Iran’s facilities following the meeting between Iran and the P5+1 in Moscow,” Iran’s English-language Press TV quoted him as saying.
Another crazy issue would be that since Iranian leaders could not talk to the US/UK/Israel, they assumed an attack was planned. I guess what they don’t know WILL hurt them…right?
What is big about this, is the fact that the cyberwar between the US-based allies (UK + Israel + US) and Iran is heating up. Prepare for more stories like this here on seCURE Connexion!
- Iran Says It Has Detected ‘Massive Cyber Attack’ Against Its Nuclear Facilities: State TV (huffingtonpost.com)