A bipartisan group of U.S. senators and the Obama administration are pushing for quick cyber-security legislation as threats to the industrial and government networks continue to grow.
The government officials met this week on Capitol Hill to discuss “the need for prompt legislative action to ensure the U.S. government has the authorities it needs to keep the nation safe,” said White House spokeswoman Caitlin Hayden to Reuters.
The need for further security against cyber-attacks was highlighted once again this week, when researchers at Symantec said they found a new program, Duqu, which may initiate another Stuxnet-like attack.
Symantec said Stuxnet last year infected computers in 155 countries. Symantec this week said it got an alert about the malware “by a research lab with strong international connections,” but didn’t say if the lab belonged to a government or if it was privately owned. The internet security company said Duqu may be used to steal digital data, adding it could only have been written by hackers with access to Stuxnet’s programming.
Symantec found Duqu in European computers, including some used in industrial control systems for manufacturing, meaning the worm could also threaten government and companies’ systems in the U.S.
Cyber-security is a major worldwide issue, but there has been a political divide in the U.S. over how to handle the growing problem. The intrusions have resulted in breaches for several large U.S. companies such as Google, Lockheed Martin and Citigroup, as well as in Pentagon contractors’ computers.
Sen. Democratic leader Harry Reid is working on a bill to protect networks, including new rules forcing companies to notify consumers when personal data is at risk, and to authorize the Department of Homeland Security to meet minimum standards while monitoring for cyber-attacks.
Republicans, though, say Congress should give companies incentives for cyber-security, but not rush to enforce rules except for vital systems for electricity, nuclear power and water treatment facilities.
The bipartisan approach, though, may bring a quicker solution that will be more results-based, and not political in nature, to benefit government and industrial systems alike.
“From our point of view it was an extremely useful and constructive discussion, ending with agreement that all involved need to work together to pass a cybersecurity bill as quickly as possible,” Hayden said.