Too many cyber attacks hushed up, US panel says

Jul 19, 2012
A server is displayed. US cybersecurity efforts are hampered by attacks that go unreported by victims unwilling to divulge confidential information, a research panel said Thursday.

US cybersecurity efforts are hampered by attacks that go unreported by victims unwilling to divulge confidential information, a research panel said Thursday.

The report by the Bipartisan Policy Center said the number of cyberattacks appears to be on the rise, along with .

It said that from October 2011 through February 2012, over 50,000 cyber attacks on private and were reported to the , including 86 attacks on " networks."

But it noted that these "represent only a small fraction of cyber attacks carried out in the United States."

The think tank's cybersecurity task force headed by former chief Michael Hayden and businessman Mortimer Zuckerman said more sharing of information would help bolster cybersecurity.

"Despite general agreement that we need to do it, cyber information sharing is not meeting our needs today," the report said.

It said many private firms keep the news of the attacks secret "because of fears, some justified, including harm to their reputations and potential loss of customers."

Some worry that the information could become part of the public record in a government database, and some "are concerned that they may be held liable for the threat information they share if it turns out to be inaccurate."

The report noted that current law does protect the confidentiality of certain data, but that this effort could be expanded. It said some industry groups which aggregate information on attacks have been threatened with lawsuits if they implicate certain entities in attacks.

It said some of these concerns can be addressed in cybersecurity legislation, which has been stalled in Congress.

"Some companies take the position that under current law, sharing communications with the government cannot be done without a subpoena," the report said.

"With the right privacy and civil liberties protections in place, there is no valid reason for cyber threat information not to be shared with the federal government and a subpoena requirement can often thwart information sharing to identify and stop underway.

"The law should be changed to explicitly permit such sharing, without a subpoena, under conditions that protect privacy and ."

Explore further: US warns retailers on data-stealing malware

add to favorites email to friend print save as pdf

Related Stories

US NSA chief backs cybersecurity law

Jul 10, 2012

The head of the powerful National Security Agency, General Keith Alexander, said the US must adopt a law to protect the country from cyberattacks while insisting that it would respect privacy.

US bill seeks to improve cyber information-sharing

Nov 30, 2011

A bill intended to increase sharing of information about cybersecurity threats between government and the private sector was introduced in the US House of Representatives on Wednesday.

US senators call for cybersecurity czar

Apr 01, 2009

Two US senators introduced legislation on Wednesday aimed at creating a powerful national cybersecurity advisor who would report directly to the president.

US cybersecurity efforts trigger privacy concerns

Jan 27, 2012

(AP) -- The federal government's plan to expand computer security protections into critical parts of private industry is raising concerns that the move will threaten Americans' civil liberties.

House OKs cybersecurity bill despite veto threat

Apr 27, 2012

The House ignored Obama administration objections Thursday and approved legislation aimed at helping stop electronic attacks on critical U.S. infrastructure and private companies.

White House set to unveil cyber plan

May 12, 2011

The White House on Thursday is expected to unveil its proposal to enhance the nation's cybersecurity, laying out plans to require industry to better protect systems that run critical infrastructure like the electrical grid, ...

Recommended for you

US warns retailers on data-stealing malware

9 hours ago

US government cybersecurity watchdogs warned retailers Thursday about malware being circulated that allows hackers to get into computer networks and steal customer data.

Irish bookmaker apologizes for 2010 data breach

10 hours ago

(AP)—Irish betting company Paddy Power announced Thursday it is notifying hundreds of thousands of customers that most of their profile information was stolen in 2010, but hackers did not gain their credit card details ...

Misinformation diffusing online

12 hours ago

The spread of misinformation through online social networks is becoming an increasingly worrying problem. Researchers in India have now modeled how such fictions and diffuse through those networks. They described details ...

User comments : 0