Senate Panel Assesses CyberthreatsNeed to Ramp Up Efforts to Improve Cybersecurity Stressed
At a hearing held the day before the 13th anniversary of the Sept. 11 terrorist attacks, representatives of the FBI and the Department of Homeland Security joined two senators in stressing the need to ramp up efforts to repel emerging cyberthreats.
"Assessing these ever-changing, broad threats and making sure our government continues to hone its ability to stop them remains a top priority for this committee, particularly as we approach another 9/11 anniversary," said Sen. Tom Carper, D-Del., chairman of the Senate committee on Homeland Security and Governmental Affairs. The committee hosted the hearing that also dealt with a broad range of terrorism issues.
"We ... hear about actors in cyberspace that want to drain our bank accounts, shut down our financial system and our electric grid, steal our individually identifiable information and our identities, as well as the R&D that will enable American businesses and our military to remain pre-eminent in the world," Carper said.
Sen. Tom Coburn, R-Okla., the committee's ranking member, expressed his disappointment that cybersecurity legislation hasn't been put on the floor for a vote in the Senate.
"I think it's a shame that the leader of the Senate won't put a cybersecurity bill on the floor, one that creates true information sharing," he said. "Let the Senate debate it so we can actually start to really protect the cyber aspect of our government." (See: Expectations Low for Cyber Legislation)
In his remarks, Coburn cited data breaches against the public and private sectors, highlighting the need for various sectors to work together to address the issue. "We should not fall back from talking about what [nation states] are doing," he said.
Call for Legislative Action
Suzanne Spaulding, undersecretary for the National Protection and Programs Directorate at the Department of Homeland Security, also urged Congress to pass measures designed to beef up cybersecurity. "The mission of strengthening resilience of critical infrastructure requires us to focus on physical risks as well as cyber-risks," she said.
Spaulding contended that more needs to be done to update laws guiding federal agency network security, give law enforcement the tools needed to fight crime in the digital age, create a national data breach reporting requirement, and promote the adoption of cybersecurity best practices within critical infrastructure.
During her testimony, Spaulding also highlighted as a successful example of cyberthreat information sharing the recent notification from DHS and the Secret Service about the Backoff point-of-sale malware hitting retailers.
"In partnership with the Financial Services Information Sharing and Analysis Center, the results of this analysis were published and enabled U.S. businesses to identify and stop ongoing cyber-intrusions, thereby protecting customer data and mitigating losses," she said.
The FBI is making cybersecurity a top priority as organizations continue to face threats from state-sponsored hackers, hackers for hire, global cyber syndicates and terrorists, Robert Anderson, executive assistant director for the FBI's criminal, cyber, response and services branch, told the committee.
"Since 2002, the FBI has seen an 80 percent increase in the number of computer intrusion investigations," he said.
The FBI continues to work with other agencies and the private sector to address cyberthreats, Anderson told the Senate panel. The agency is also working to recruit, develop and retain a highly skilled cyber workforce.
In his testimony, Anderson also called attention to the recent international effort to disrupt the Gameover Zeus botnet (see: International Malware Crackdown Revealed).
Despite efforts made to improve the safety of Americans, there's still a long way to go, Sen. Coburn said. "I think the threat to our country is just as great as it was pre-9/11 based on what's happening in the world," he said.