It has been a trying week in the world of cybersecurity. Nasdaq, and a group of oil/gas companies have been the victims of hackers. The latest round of attacks has led Congress to rally around their anti-hacking bill. The “Cybersecurity Enhancement Act” is a bipartisan effort which looks to fun cybersecurity, research, awareness, and education.
|U.S Congress Rallying Cybersecurity Bill After Nasdaq Attack|
The first round of attacks affected a handful of oil companies. McAfee released the report, stating the hackers got away with sensitive data concerning proprietary operations, and financial information. The motive(s) behind the attack are unknown at this time.
McAfeeÕs director of security strategy Greg Day stated, “What makes this different is the very specific ongoing targeting of specific organisations with a very distinct purpose to what they were trying to achieve.”
Nasdaq was the next victim, though their attack appears to be less heinous. During the previous weekend, Nasdaq reported suspicious files on one of their US servers. These files could have caused a massive information leak for one of its internet-based client apps.
Both of these incidents have led to a rally by Congress.Democratic Senator Robert Menendez will be introducing the bill, and he stated, “Cyber-threats are not on the horizon, they are upon us.”
He related the attacks to the importance of the US economy as well, “We believe that these multipronged efforts are exactly what we need to take in order to ensure that we do not have the type of breaches, whether in our trading platforms, but also in other major significant infrastructure in our country.”
If you’re interested in what’s exactly in the Cybersecurity bill, here’s a few highlights.
– Directs specified federal agencies participating in the National High-Performance Computing Program to: (1) transmit to Congress a cybersecurity strategic research and development plan and triennial updates; and (2) develop and annually update an implementation roadmap for such plan.
-Provides for the award of computer and network security research grants by the National Science Foundation (NSF) in the research areas of social and behavioral factors, including human-computer interactions, and identity management, as well as in the detection, investigation, and prosecution of cyber-crimes involving organized crime, intellectual property, and crimes against children.
-Requires the Office of Science and Technology Policy (OSTP) Director to convene a cybersecurity university-industry task force to explore mechanisms for carrying out collaborative R&D activities through a consortium or other appropriate entity.
If you’d like to read a summary of the bill, or it’s entirety,you can find it here.