Cyber-security battle looms after Obama directive

Agence France-Presse, February 14, 2013

President Barack Obama's order aimed at ramping up protection from cyber-attacks will address only a small portion of threats and sets up a fresh battle in Congress over legislation.

Obama acted this week after two failed attempts in Congress to pass measures to protect critical infrastructure from computer attacks.

US administration officials and lawmakers acknowledge that the order creates no new authority and that legislation is needed to better safeguard networks for key systems such as power grids, banks and air traffic control.

"The executive order is not a substitute for legislation," said General Keith Alexander, head of the National Security Agency and the military's Cyber Command.

"We need legislation and we need it now," Alexander told a gathering Wednesday to discuss the president's order. "From my perspective, the threats are real and growing."

Because most of the networks in question are in private hands, officials say they must rely on voluntary reporting by industry of any cyber threats or attacks. Legislation would be needed to shield businesses from liability when they do report potential malware threats.

Obama, in his annual State of the Union address to a joint session of Congress, said the United States was facing a "rapidly growing threat from cyber-attacks."

The president also urged Congress to pass legislation "to give our government a greater capacity to secure our networks and deter attacks."

Senator Jay Rockefeller, co-author of a pending cyber-security bill, welcomed the executive order and said it "will improve the partnership between the government and the private sector needed to defend our country."

But other lawmakers were miffed that the president acted alone.

Without protections and incentives from legislation, the order "will be ineffective and carry consequences for entities that choose to participate," said House Homeland Security Committee Chairman Michael McCaul said.

Republican Representative Mike Rogers, who heads the House Intelligence Committee, and ranking Democrat Dutch Ruppersberger re-introduced the Cyber Intelligence and Sharing Protection Act (CISPA), a bill that passed the House last year but died in the Senate.

"We are in a cyber war now, and most Americans don't know it," Rogers told a forum.

"And at this point, we're losing. Nation states like China are stealing our intellectual property at a breathtaking pace."

Ruppersberger said he was optimistic about the bill's chances despite the failure in the last Congress, when the White House threatened a veto and the Senate opted for a different course.

"We had our issues with the president last time," Ruppersberger told an audience at the Center for Strategic and International Studies. "We don't agree on everything but we do agree we have to work together."

Cyber-security legislative efforts failed amid opposition from civil libertarians who claim it could allow too much government snooping and conservatives who say it would create a new bureaucracy.

Ruppersberger argued that in drafting the bill, "we bent over backwards so we don't invade anyone's privacy... the bill does not authorize the government to monitor your computer or read your tweets."

But critics say CISPA still raises civil liberty concerns.

Leslie Harris at the Center for Democracy and Technology said CISPA "remains fundamentally flawed" because "it allows private Internet communications and information of American citizens to go directly to the NSA, a military intelligence agency that operates secretly with little public accountability."

Analysts say it remains unclear whether lawmakers and the White House can break the deadlock and pass legislation offering real protection.

"The US is clearly at a stalemate, with the government floundering in a hotly politicized deadlock with trade lobbies and civil liberties advocates," said Michela Menting, cyber security analyst at ABI Research.

Daniel Castro of the Information Technology & Innovation Foundation said the cyber-security order may in fact reduce pressure on lawmakers to pass a bill.

"Some people will say this takes care of the problem," he told AFP. "So this lessens the urgency."

But if Congress decides to act, it may be pressed to do so ahead of deadlines to implement the executive order.

"Some form of CISPA has the best chance of passage this year in Congress," said Thomas Billington, who head the cyber-security media firm Billington Cyber-Security.

For the latest technology news and reviews, like us on Facebook or follow us on Twitter.

Tags: Barack Obama, cyber attack, cyber security, hacking, Internet

Internet »

Google Maps help man find family 23 years after being kidnapped

Every year, thousands of children are kidnapped in China by mafias that sell them to couples who are either barren or just want to make sure of having a boy.

More Internet »

Videos »

01:32 YouTube launches subscription-based channels	01:25 New ways to share data across devices
01:27 Android launcher for the elderly	01:20 Ask Guru
01:28 Get grooving with 'Beat Spiral' app and 8tracks.com	02:49 Will Microsoft's bet with Outlook.com pay off?

Photos »

9 images Yahoo! CEO - The cursed job?	9 images All new Chromebooks from Google
10 images Don't be fooled by these online	10 images The online buzz for India Vs. Pak
22 images Top 10 celebs on Google India	10 images Top 10 Yahoo searches in 2009