The White House and Congress are said to be planning new cybersecurity legislation, rumored to be announced this week, as intelligence reports suggest a cyberespionage campaign is taking aim at the country’s economic competitiveness.
The National Intelligence Estimate cited China as the main country responsible for hacking into secure U.S. institutional and business computer networks to obtain data or information illegally for financial gain. The current attempt to breach U.S. computer security is so large, in fact, the Washington Post calls the endeavor “massive and sustained.”
In addition to China, the National Intelligence Estimate named three other nations -- Russia, France and Israel -- that have hacked U.S. computer networks in their search for economic or corporate intel, but, according to the classified report, the three countries' activities don’t come close to matching China’s efforts.
Numerous industries have been affected by cyberespionage over the past five years including the energy, finance, information technology, aerospace and automotive sectors, the Washington Post reported.
Recently, several major private news publications, including the New York Times, Washington Post, and Wall Street Journal, announced within days of each other that they had been infiltrated by Chinese hackers. However, many private companies remain reluctant to discuss cyberespionage threats at all.
“It’s harder for companies to suggest that they haven’t been attacked," Michael Birmingham, a spokesman for the Office of the Director of National Intelligence, told the Washington Post. "The question is, how do they respond when they are asked about it? Is it in their interest to work with other companies and with the government to alleviate some of the problem?”
Leaders in Washington have been preparing legislation to defend against cybersecurity attacks. Last week, the Hill reported that the Cyber Intelligence Sharing Protection Act, or CISPA, would return to Congress after it was killed in the Senate last year. The CISPA bill is designed to limit cyberattacks by allowing and making it easier for private companies -- like the ones that were hacked recently -- to share information and data with the Department of Homeland Security.
While there were many controversial aspects of the original CISPA bill -- including concerns that it was too vague and had very little oversight -- it seems that a revamped CISPA bill might be more popular this time around amid the growing number of cyberattacks, mostly from China.
New reports indicate that the White House plans to support new CISPA legislation in 2013, as opposed to last year when the administration threatened to veto CISPA if the bill reached the president's desk.
A White House-backed CISPA bill could pass this year, and in light of growing cybersecurity threats, CISPA (or a similar bill) may be viewed as necessary to protect the secure data and information of both the U.S. government and private U.S.-based companies.
The White House seems to be vigilant on cybersecurity and may be preparing to discuss the issue publicly in the coming days. The Washington Post said the White House would release a trade-secrets report soon, which is said to hint at further co-operation between the private sector and the government.
Similarly, the Hill reported that President Obama and his administration are working on an executive order to protect the nation against cyberattacks. The executive order -- which doesn’t require Congress' approval -- would create a voluntary program whereby companies that work in critical infrastructure would try to meet new cyber-security standards, written in part by the government, and share information about cybersecurity threats and breaches.