National Cyber Director Proposed to Coordinate Computer Security
WASHINGTON – Democrats and Republicans agreed Wednesday during a congressional hearing that the U.S. government needs a more proactive strategy for protecting against cyberattacks but disagreed how to accomplish it.
Democrats want a new agency to address cyberthreats while Republicans suggest working more aggressively through existing sectors of the government.
They also agreed the coronavirus pandemic demonstrates the nation’s vulnerability to cyberattacks.
Cyberattacks represent “a growing threat” as political adversaries like China, Russia, Iran and North Korea seek to disrupt U.S. computer systems and steal intellectual property, said Rep. Carolyn B. Maloney, D-N.Y., chairwoman of the House Oversight and Reform Committee.
The most recent example she mentioned was an effort by China to steal intellectual property being developed for a coronavirus vaccine.
American pharmaceutical companies are racing to develop a vaccine that could be worth hundreds of billions of dollars in international sales.
Law enforcement agencies report tracing Internet traffic and other markers in computer code indicating the Chinese are trying to tap into records of the pharmaceutical researchers.
Congress is searching for a solution “to ensure we are fully prepared for and coordinated” for cyberattacks, Maloney said.
The leading legislative proposal for confronting the threats is H.R. 7331, the National Cyber Director Act.
The bill would set up 75 cybersecurity experts in a new White House office to oversee the federal government’s efforts to protect the nation’s computer networks. They would be authorized to review the cybersecurity budgets of other federal agencies, recommend changes and to coordinate the response to a national cyberattack emergency.
Currently, federal cybersecurity is spread across multiple agencies.
The bill was included among recommendations in a report by the Cyberspace Solarium Commission, which was authorized under the 2019 national defense budget. The report released in March proposes a layered strategy for cyberdeterrence.
The co-chair of the commission was Rep. Mike Gallagher, R-Wis., who also testified during the hearing Wednesday. He co-sponsored the National Cyber Director Act.
In a statement before the hearing he said, “The coronavirus has elevated the importance of cyberinfrastructure and demonstrated how incredibly disruptive a major cyberattack could be. But while we are woefully unprepared for a cybercalamity, there is still time to right the ship.”
During the hearing, he said the U.S. government and private companies were getting better at detecting threats from hackers.
However, “The threats are getting better as well,” Gallagher said.
Michael J. Rogers, chairman of the public policy foundation Center for the Study of the Presidency and Congress, said the U.S. government needs to be preventive rather than waiting to respond to a cybersecurity crisis.
A single national cyber director could work across different agencies to coordinate prevention efforts, he said.
He also warned that waiting too long would make a crisis unavoidable as adversaries increase their budgets and staffing for cyberattacks.
“They know it has high impact but low consequence,” Rogers said.
He added, “All of them are stepping up their game.”
In The News
WASHINGTON -- As the international blame game over ransomware heats up this week, the U.S. government is scrambling for solutions with increasingly combative strategies. Legislation that won tentative approval in Congress on Monday anticipates a bigger role for the U.S. government in overseeing cybersecurity of critical... Read More
BEIJING (AP) — China on Tuesday rejected an accusation by Washington and its Western allies that Beijing is to blame for a hack of the Microsoft Exchange email system and complained Chinese entities are victims of damaging U.S. cyberattacks. A foreign ministry spokesman demanded Washington drop... Read More
WASHINGTON — Despite our reliance on space technology for things like communication, transportation, food, and health care — not to mention national security — our national space assets aren’t officially designated as critical infrastructure. Humanity is already dependent on space, but neglecting to protect space technology... Read More
The United States, NATO and several allies collectively called out China on Monday for a series of malicious cyber- and ransomware attacks, including a March attack that exploited a flaw in Microsoft's Exchange Server. Monday’s announcement, which followed a conference call with White House reporters Sunday... Read More
BOSTON (AP) — The State Department will offer rewards up to $10 million for information leading to the identification of anyone engaged in foreign state-sanctioned malicious cyber activity against critical U.S. infrastructure — including ransomware attacks — and the White House has launched a task force... Read More
WASHINGTON (AP) — President Joe Biden said Tuesday that damage to U.S. businesses in the biggest ransomware attack on record appears minimal, though information remained incomplete. The company whose software was exploited said fewer than 1,500 businesses worldwide appeared compromised but cybersecurity experts caution that the... Read More