Senate Homeland Security Members Press Trump Administration on Cyber Strategy
James Lankford, R-Okla., and other Senate Homeland Security Committee members urged the White House Wednesday to press forward on developing a comprehensive cybersecurity strategy. A day earlier, Armed Services Committee Chairman John McCain, R-Ariz., scolded President Donald Trump's administration for not completing work on a promised plan for combating cyberwarfare before a self-imposed deadline (see 1705090066). Homeland Security Chairman Ron Johnson, R-Wis., and cybersecurity experts used a hearing to emphasize the need for the U.S. to address emerging threats.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
“We are exceptionally vulnerable in our system,” Lankford said. “One of the prime things that we have to move is some actual deterrence.” He hopes Congress can work with the administration to get “close” to cyber deterrence “so worldwide there is a relationship internationally that if you hack into our systems and if you steal our information, or if you destroy systems, here are the boundaries and here’s what our response is.”
Ranking member Claire McCaskill, D-Mo., faulted this administration for not filling out its cybersecurity team. “Scores of senior cyber-related positions in agencies throughout the government remain unfilled,” she said: “We are waiting for nominees to be announced” for top cybersecurity jobs at the departments of Commerce, Defense, Homeland Security, Justice and State. “We’re needlessly fighting with one hand tied behind our back,” McCaskill said.
Johnson pointed to a recent hack aimed at ransoming an early release of Netflix's Orange Is the New Black as an example of the growing cyberthreat posed by “the advancement of our technology.” IoT proliferation has made the U.S. “more and more dependent on the electrical grid, more and more dependent on the internet, and as a result we are far more vulnerable,” Johnson said. “We better start defining these things. We ought to start laying out some pretty strong lines.”
The U.S. needs to lead a “sustained international effort to tackle common internet and communications ecosystem threats” and seek “higher level solutions that benefit everybody,” said White & Case cybersecurity lawyer Steve Chabinsky. Botnets are a particular concern because they can be used as a tool for “economic espionage” and “financial theft with the command and control of credential stealing, malware, and it obviously includes” distributed denial of service attacks against critical infrastructure, he said. The FCC recently suffered a DDoS attack (see 1705100062).
Symantec Senior Director-Global Government Affairs and Policy Jeffrey Greene said all entities need to fully utilize a “modern security suite” that involves multi-factor authentication and advanced exploit detection technology. A comprehensive program also should include data loss prevention tools and device-specific protections, including low-power solutions for IoT devices, Greene said.