Here It Comes: “Cybersecurity Standards”, Government Internet Control Gets Serious
Wednesday, December 15, 2010
Sen. Benjamin Cardin, D-Md has introduced a bill that would require the government and the private sector to require minimum cybsersecurity standards for devices that connect to the Internet.
the Internet and Cybersecurity Safety Standards Act would require top government officials to determine the cost-effectiveness of requiring Internet service providers and others to develop and enforce cybersecurity safety standards, according to a press statement from Cardin’s office. Cardin is chairman of the Senate Judiciary Terrorism and Homeland Security Subcommittee.
The bill also requires officials — including Department of Homeland Security secretary Janet Napolitano, attorney general Eric Holder, and Commerce secretary Gary Locke — to consider the effect the standards would have on homeland security, the global economy, innovation, individual liberty, and privacy.
Here’s Cardin’s full Press Release. Keep a vomit bucket nearby.
College Park, MD – At the height of the cybershopping season and just as millions of Americans prepare to use their e-tickets to board airlines around the country for the holidays, U.S. Senator Benjamin L. Cardin (D-MD), Chairman of the Senate Judiciary Terrorism and Homeland Security Subcommittee, has introduced major legislation that would require the government to work with the private sector to propose minimum standards for Internet and cybersecurity safety designed to protect Americans from cybercrime and cyberterrorism. Speaking before hundreds of security, technology and intelligence professionals gathered at the launch the new Maryland Cybersecurity Center today, Senator Cardin outlined the need for such a bill and the malicious nature of cyber threats.
“Every computer connected to the Internet, whether a part of our nation’s critical transportation or energy infrastructure or sitting in a family living room, is a prime target for cyberterrorists, cyberspies and cybercriminals who want to steal our identities, corrupt our financial networks, and compromise or disrupt key resources. Users of computers and other devices that connect to the Internet are generally unaware that their computers and other devices may be used, exploited, and compromised by others with spam, viruses, and other malicious software and agents.
“We live in a digital world and we need to arm ourselves with the right tools to prevent a digital 9/11 before it occurs. Failure to take such steps to protect our nation’s infrastructure and its key resources could wreak untold havoc for millions of Americans and businesses, as well as our national security.”
Cybercrime is serious business. In 2008, the Federal Bureau of Investigation (FBI) uncovered a transnational crime organization that used sophisticated hacking techniques to withdraw more than $9 million in less than 12 hours from 2,100 ATM machines in 280 cities around the world, including the United States, Russia, Italy, Japan and Canada.
“Cybersecurity involves more than preventing identity theft and stealing money,” Senator Cardin said. Senior executives at three major American oil companies reportedly fell victim in 2008 to what security experts called “tenacious” and “clever” cyber attacks that exposed some of these
companies most critical intellectual property after executives were unwittingly duped by unsolicited e-mails carrying data-extracting malware. Cyberterrorists can hit these kinds of financial targets but also more traditional enemies, such as when anti-Israel hackers reportedly connected to Hamas and Hezbollah crashed several Israeli government web sites by flooding them with bogus traffic. Countries like Russia, China and Serbia also have reportedly engaged cybersoldiers to disrupt critical infrastructure systems in advance of or simultaneous to more traditional military engagements.
The Internet and Cybersecurity Safety Standards Act would require the U.S. government and the private sector to work together to develop minimum Internet and cybersecurity safety standards for users of computers and other devices that connect to the Internet. “Just as automobiles cannot be sold or operated on public highways without meeting certain minimum safety standards, we also need minimum Internet and cybersecurity safety standards for our information superhighway,” said Senator Cardin.
Last year, Senator Cardin chaired a Subcommittee hearing entitled “Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace.” It reviewed governmental and private sector efforts to prevent a terrorist cyber attack that could cripple large sectors of our government, economy, and essential services. The hearing included witnesses from key federal agencies responsible for cybersecurity, as well as representatives of the private sector.
Maryland is at the center of our nation’s cybersecurity efforts. The new United States Cyber Command (USCYBERCOM), was established in June of last year, and is located at Ft. Meade, MD. More than 50 key security and intelligence federal facilities and 12 major military installations are or will soon be located in our state, and combined, these facilities and installations will employ nearly 200,000 well-educated, highly-skilled government employees and contractors in cutting-edge research and development, as well as important scientific, medical and technological innovations. In total, Maryland has one of the highest concentrations of technology jobs in the nation, and led the nation in 2009 with the largest growth in computer systems design jobs.