WTF? Cyber bill to put US in charge of global cyber security

[Paul Ferguson <fergdawgster () gmail com>]

Cyber bill to put US in charge of global cyber security
Matthew Hall

February 9, 2012 - 12:18PM

In the wake of the SOPA outcry, another controversial bill that puts
the US in charge of global cyber dealings is simmering.

While industry and public uproar has stalled the controversial online
anti-piracy bills known as SOPA and PIPA, American legislators are
maintaining an aggressive stance on cybercrime, preparing to vote on a
new bill that, if passed, will force other countries to play by US
rules.

The bill - International Cybercrime Reporting and Cooperation Act - is
likely to go to a vote in the next few months. It will place the
United States at the forefront of the battle against international
internet-driven crime by threatening economic sanctions on countries
that allow cyber attacks to originate on their soil.

"The issue of cyber security is so vital right now to US national
security and to the United States economy," said Senator Kirsten
Gillibrand, a co-sponsor of the proposed bill.

It follows a change of heart from legislators on the earlier Stop
Online Piracy Act (SOPA) and its cousin, the Protect International
Property Act (PIPA), whose opposers say go too far in giving US law
makers the power to bring down websites, effectively censoring the
internet.

The bill, 18 months in the making, will establish international
protocols on the issues surrounding cybercrime, allow the US
government to name and shame lax governments, and establish a
framework for economic sanctions on uncooperative governments.

"Right now, there is no protocol," Gillibrand said. "There is no way
to call the Russian government and say 'You've got five guys sitting
in a room over there who keep attacking our stock exchange – what are
you going to do about that?'

"We want to give incentives for countries that need our help, for
countries that don't have a way to prosecute cyber crime, or to
investigate these cases."

Speaking before an audience of law enforcement officials, industry
insiders and academics in New York City recently, Gillibrand said a
personal fear was for a talented hacker to sell his skills to
terrorist groups.

"If countries that are players in this issue don't participate or
don't actually try to enforce laws against cyber criminals we could
have sanctions in terms of multilateral banking finance or we could
have sanctions that would limit or suspend preferential trade
programs. We could also suspend, restrict, or withdraw foreign
assistance."

Unsurprisingly, law enforcement officials have welcomed the bill. FBI
Special Agent Mary Galagin, head of the agency's Cyber/Special
Operations Division, believes technology is in danger of outrunning
the legal framework applying to her office.

"If we continue to increase the technology in the United States but
legislation does not increase, then law enforcement will get to a
point where we will go dark," Galagin said. "We cannot get the
information we need to stop a terrorist attack, espionage, criminal
attacks.

"You can do a lot more harm to our country right now with a computer
than you can with a lot of other weapons. It is kind of like the
Pirates of the Caribbean out there. There are pirate ships. There is
lots of gold. People are going for it."

While terrorism and espionage is one focus, companies including
Facebook and MasterCard support the bill in the face of an added twist
– their interest in protecting private customer data from compromise.

Chris Sonderby, Facebook's Associate General Counsel who oversees the
company's global law enforcement relations, believes it's in the
interest of private companies to partner with law enforcement agencies
to protect customers as much as themselves.

"People demand a level of security," said Sonderby, whose company
holds data on over 800 million active users.

"Those companies that don't protect information are those that people
are going to be uncomfortable sharing with or they're not going to
use.

"There are powerful market incentives to make sure that companies you
entrust information to have taken adequate steps to protect that
data."

That's a similar philosophy Senator Gillibrand is hoping US lawmakers
can apply internationally in the next few months, after the US took
the unprecedented step of naming Russia and China as a safe havens for
criminal activity in the internet.

"We have to elevate the issue," she said. "This bill won't dictate
what laws Russia should enforce. It just asks Russia to care."

http://www.smh.com.au/it-pro/security-it/cyber-bill-to-put-us-in-charge-of-global-cyber-security-20120209-1rmuk.html

- ferg

-- 
"Fergie", a.k.a. Paul Ferguson
 fergdawgster(at)gmail.com
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.