Would it concern you to know that by the time you finish reading this column, a major U.S. corporation could be hacked and millions of personal records stolen, including yours? How many times did you use a computer, smartphone, bank or credit card this week? How many times have you thought that your personal information could be stolen? If these questions alarm you, they should. The unfortunate truth is that despite the best efforts by industry and government, our country is incredibly vulnerable to cyber attacks and cyber espionage.
In 2007, clothing retailer T.J. Maxx’s computer system was breached by a hacker, resulting in 94 million credit card accounts being stolen and costing the company $64 million. Sony was attacked in 2011, costing them $171 million. Another U.S. company had an IP address stolen that cost the company 20,000 manufacturing jobs. RSA, a leading internet security firm, was the victim of a cyber attack last year. Hackers infiltrated information relating to one of its security products, and many experts believe this attack was part of a larger effort to target critical entities like defense contractors and financial institutions that rely on RSA. These coordinated attacks are becoming more technologically savvy as thousands of computers are networked together to attack banks, credit card companies and other businesses.
Cyber attacks cost the U.S. economy more than $200 billion annually. That’s money that U.S. businesses and nonprofits could be using to hire more employees and invest back in their businesses or to further their mission. Many times, the people behind cyber attacks are state sponsors like China—even the Russian mob has gotten into the game.
I believe that bolstering our cyber defenses needs to be a higher national priority, and there is broad agreement in the Senate and within the Administration that more has to be done. The House recently took action by passing the Cyber Intelligence Sharing and Protection Act (CISPA), of which I am a co-sponsor. The bill gives the private sector the ability to detect and share information about cyber threats, and gives the intelligence community the ability to share threat information with the private sector so it can better defend itself. It has received support from companies like Facebook and Microsoft, and from major cities that were previously opposed to similar legislation. It’s a bipartisan bill that both sides have worked on diligently to craft a responsible approach to cyber security.
It is important to note that this bill does not contain new federal spending, create a new government bureaucracy or mandate new federal requirements. It simply allows industry and government to work together to combat the problem of cyber attacks and espionage. It breaks down these barriers so that if a sophisticated attack is coming from a specific IP address, and U.S. intelligence officials know it’s coming, our government can tip off the company under potential attack, so it can raise its online defenses. Under current law, there are limitations that prevent the sharing of this level of threat information. CISPA aims to correct this, while striving to protect privacy by encouraging the private sector to “anonymize” the information it voluntarily shares.
I believe that the less government is involved in the Internet, the better. CISPA ensures this and affirms that our country is doing all it can to prevent cyber attacks and espionage.iBi
