Announcement

Collapse
No announcement yet.

NSA Seen Getting Hacking Threat Data Under Senate Bill

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • NSA Seen Getting Hacking Threat Data Under Senate Bill

    This is bad, needs to be dropped on the floor.

    Many of the private Security sectors are already doing this. If this passes, it will be abused and get us more conditioned to having everything monitored for purposes that are not in the best interest of the American people.



    The Senate is advancing legislation that would let companies and the U.S. government share information about hacking threats, even as privacy advocates say the plan could enable the National Security Agency to sweep up information about innocent Americans.

    Bank of America Corp. (BAC:US), Visa Inc. (V:US) and other companies operating critical U.S. computer systems would be given legal protections for sharing hacking threats with each other and the government under a bill backed yesterday by the Senate’s intelligence committee.

    Supporters including the American Bankers Association and the Financial Services Roundtable are at odds with the American Civil Liberties Union and other privacy advocates over the bill.

    “We have seen how the federal government has exploited loopholes to collect Americans’ private information in the name of security,” Democratic Senators Ron Wyden of Oregon and Mark Udall of Colorado said in a statement yesterday after voting against the bill. “Without these protections in place, private companies will rightly see participation as bad for business.”

    The bill is designed to address concern that disclosing hacking vulnerabilities could expose companies to lawsuits or that communications with competitors could invite antitrust actions.

    While companies won’t be obligated to share data under the bill, there’s clearly a need. Cybercrime costs banks, retailers, energy companies and other sectors as much as $575 billion a year and rising, according to a report published last month by the Washington-based Center for Strategic and International Studies and sponsored by network security company McAfee Inc.
    NSA Backlash

    Wyden and Udall said the bill “lacks adequate protections for the privacy rights of law-abiding Americans” and “will not materially improve cybersecurity.”

    The NSA has faced a domestic and international backlash over revelations that it collected the phone records of millions of Americans and intercepted the Internet communications of U.S. citizens without warrants.

    Supporters defended the bill. “If we take no action then cyber-attacks are going to continue to occur,” Senator Saxby Chambliss of Georgia, the top Republican on the Senate’s intelligence committee, told reporters yesterday. “There is the potential for the American economy to be severely interrupted.”

    The bill specifies conditions under which companies would be given legal protections for monitoring networks and sharing hacking threat data. “Such sharing is for cybersecurity purposes only and companies must take appropriate measures to protect against the sharing of personally identifying information,” according to a summary from the intelligence committee.
    Difficult Arena

    “This is the first bill in a very difficult arena,” Senator Dianne Feinstein, a California Democrat and chairman of the committee, told reporters. “It’s very much a first step. Later on there may be other steps that need to be taken.”

    Feinstein and Chambliss defended a provision that would allow hacking threat data to be shared in real time with the NSA and other agencies.

    The bill “is not perfect for anybody” and compromises were made “between what the business sector wanted and what the privacy folks wanted,” Chambliss said.

    The bill would limit the government’s ability to use information it receives for “cyber-related purposes to ensure it does not engage in inappropriate investigations or regulation,” according to the summary.





    While Feinstein and Chambliss said the bill could be amended on the Senate floor, they believe it will reach President Barack Obama’s desk this year. The House passed its version last year.
    Step Forward

    The Senate bill “is a very good step forward,” three top industry officials wrote in a letter of support July 7 to Feinstein and Chambliss.

    “The threat of cyber-attacks is a clear and present danger to our industry and to other critical infrastructure providers that we and the nation as a whole rely upon,” according to the letter from Frank Keating, president and chief executive officer of the American Bankers Association; Tim Pawlenty, president and CEO of the Financial Services Roundtable; and Kenneth Bentsen, president and CEO of the Securities Industry and Financial Market Association.

    SIFMA, Wall Street’s biggest trade group, has proposed a government-industry cyberwar council to stave off terrorist attacks that could trigger financial panic by temporarily wiping out account balances, according to an internal document.
    Sharing Portal

    The bill would authorize the Department of Homeland Security to serve as the primary federal civilian agency for coordinating information-sharing by creating a “portal” to interface with companies. That would enable the five-year-old DHS National Cybersecurity and Communications Integration Center to bolster its role as an anti-hacking coordinator between U.S. banks, utilities and other companies operating the networks that millions of Americans use daily.

    “If we don’t know what’s going on, we can’t respond to it,” Larry Zelvin, director of the center, said in an interview. “Sometimes we don’t know about an attack until it comes up in the news or social media.”

    Recent examples have shown the growing threat of hackers. A Russian group known as “Energetic Bear” is attacking energy companies in the U.S. and Europe and may be capable of disrupting power supplies, security company Symantec Corp. (SYMC:US) said in a blog post last month.
    ‘Strategically Important’

    The hackers, also called “Dragonfly,” appear to have the resources, size and organization that suggest government involvement. The attackers are targeting grid operators, petroleum pipeline operators, electricity generation firms and other “strategically important” energy companies, the company said.

    The U.S. Department of Justice in May indicated five Chinese military officials for stealing the trade secrets of major global companies like U.S. Steel Corp. (X:US) and Alcoa Inc. (AA:US) One of the indicated hackers known as UglyGorilla was seeking access to parts of a U.S. utility that would let him cut off heat or explode pipelines.

    Almost two dozen privacy advocates including the Electronic Frontier Foundation and the ACLU told Feinstein and Chambliss in a June 26 letter they “strongly oppose” the bill because it could allow private communications to flow to the National Security Agency and law-enforcement agencies. It also doesn’t have adequate controls to protect personal data or limit how information is used, and gives companies overly broad liability protection, the groups wrote.

    To contact the reporter on this story: Chris Strohm in Washington at cstrohm1@bloomberg.net
    Last edited by mustang_revival; 07-09-2014, 10:27 AM.
    WRX


  • #2
    You do realize there will be no end to this?

    Comment


    • #3
      The agency collected and stored intimate chats, photos, and emails belonging to innocent Americans—and secured them so poorly that reporters can now browse them at will.

      Comment


      • #4
        Welp, it passed. (AS-IS)

        The Senate just passed a cybersecurity bill that won’t do shit to prevent hacks. What it will do is help the government spy on its citizens. The


        "The Senate just passed a cybersecurity bill that won’t do shit to prevent hacks. What it will do is help the government spy on its citizens."

        The Senate passed the information-sharing legislation 74 to 21 after shooting down multiple amendments that would have better protected user privacy.


        "For months, privacy advocates have asked Congress to kill or reform the Cybersecurity Information Sharing Act, a bill that they say hides new government surveillance mechanisms in the guise of security protections. Now the Senate has shot down a series of attempts to change the legislation’s most controversial measures, and then passed it with those privacy-invasive features fully intact."



        "CISA passed the Senate today in a 74-21 vote. The bill is fundamentally flawed due to its broad immunity clauses, vague definitions, and aggressive spying authorities. The bill now moves to a conference committee despite its inability to address problems that caused recent highly publicized computer data breaches, like unencrypted files, poor computer architecture, un-updated servers, and employees (or contractors) clicking malware links. "

        Photo: Rob Pegoraro/Yahoo Tech A bill called the Cybersecurity Information Sharing Act — CISA for short — has become one of the least popular tech-policy proposals since another would-be law with a four-letter acronym became a four-letter word in tech circles. CISA is no SOPA (the controversial?“Stop Online Piracy Act”?from a few years back, which would have empowered copyright holders to order allegedly infringing sites off the map of the Internet). But many tech leaders have lined up against CISA as if it were the spawn of SOPA. For instance, Apple condemned CISA in a statement to the Washington Post: “The trust of our customers means everything to us and we don’t believe security should come at the expense of their privacy.”


        "For instance, Apple condemned CISA in a statement to the Washington Post: “The trust of our customers means everything to us and we don’t believe security should come at the expense of their privacy.”

        Twitter backed away from the bill in a tweet from its public-policy account: “Security+privacy are both priorities for us and therefore we can’t support #CISA as written.”"

        The Senate on Tuesday passed CISA, a controversial bill encouraging companies to share private user data with the government that is worrying to civil liberties advocates. Four amendments were proposed to address privacy concerns, but they all died on the floor.




        List of privacy provisions - All turned down - http://www.engadget.com/2015/10/27/u...security-bill/
        Last edited by mustang_revival; 10-28-2015, 02:06 PM.
        WRX

        Comment

        Working...
        X