Too many cyber attacks hushed up, US panel says

Jul 19, 2012
A server is displayed. US cybersecurity efforts are hampered by attacks that go unreported by victims unwilling to divulge confidential information, a research panel said Thursday.

US cybersecurity efforts are hampered by attacks that go unreported by victims unwilling to divulge confidential information, a research panel said Thursday.

The report by the Bipartisan Policy Center said the number of cyberattacks appears to be on the rise, along with .

It said that from October 2011 through February 2012, over 50,000 cyber attacks on private and were reported to the , including 86 attacks on " networks."

But it noted that these "represent only a small fraction of cyber attacks carried out in the United States."

The think tank's cybersecurity task force headed by former chief Michael Hayden and businessman Mortimer Zuckerman said more sharing of information would help bolster cybersecurity.

"Despite general agreement that we need to do it, cyber information sharing is not meeting our needs today," the report said.

It said many private firms keep the news of the attacks secret "because of fears, some justified, including harm to their reputations and potential loss of customers."

Some worry that the information could become part of the public record in a government database, and some "are concerned that they may be held liable for the threat information they share if it turns out to be inaccurate."

The report noted that current law does protect the confidentiality of certain data, but that this effort could be expanded. It said some industry groups which aggregate information on attacks have been threatened with lawsuits if they implicate certain entities in attacks.

It said some of these concerns can be addressed in cybersecurity legislation, which has been stalled in Congress.

"Some companies take the position that under current law, sharing communications with the government cannot be done without a subpoena," the report said.

"With the right privacy and civil liberties protections in place, there is no valid reason for cyber threat information not to be shared with the federal government and a subpoena requirement can often thwart information sharing to identify and stop underway.

"The law should be changed to explicitly permit such sharing, without a subpoena, under conditions that protect privacy and ."

Explore further: WEF unveils 'crowdsourcing' push on how to run the Web

add to favorites email to friend print save as pdf

Related Stories

US NSA chief backs cybersecurity law

Jul 10, 2012

The head of the powerful National Security Agency, General Keith Alexander, said the US must adopt a law to protect the country from cyberattacks while insisting that it would respect privacy.

US bill seeks to improve cyber information-sharing

Nov 30, 2011

A bill intended to increase sharing of information about cybersecurity threats between government and the private sector was introduced in the US House of Representatives on Wednesday.

US senators call for cybersecurity czar

Apr 01, 2009

Two US senators introduced legislation on Wednesday aimed at creating a powerful national cybersecurity advisor who would report directly to the president.

US cybersecurity efforts trigger privacy concerns

Jan 27, 2012

(AP) -- The federal government's plan to expand computer security protections into critical parts of private industry is raising concerns that the move will threaten Americans' civil liberties.

House OKs cybersecurity bill despite veto threat

Apr 27, 2012

The House ignored Obama administration objections Thursday and approved legislation aimed at helping stop electronic attacks on critical U.S. infrastructure and private companies.

White House set to unveil cyber plan

May 12, 2011

The White House on Thursday is expected to unveil its proposal to enhance the nation's cybersecurity, laying out plans to require industry to better protect systems that run critical infrastructure like the electrical grid, ...

Recommended for you

WEF unveils 'crowdsourcing' push on how to run the Web

4 hours ago

The World Economic Forum unveiled a project on Thursday aimed at connecting governments, businesses, academia, technicians and civil society worldwide to brainstorm the best ways to govern the Internet.

Study: Social media users shy away from opinions

Aug 26, 2014

People on Facebook and Twitter say they are less likely to share their opinions on hot-button issues, even when they are offline, according to a surprising new survey by the Pew Research Center.

US warns shops to watch for customer data hacking

Aug 23, 2014

The US Department of Homeland Security on Friday warned businesses to watch for hackers targeting customer data with malicious computer code like that used against retail giant Target.

Fitbit to Schumer: We don't sell personal data

Aug 22, 2014

The maker of a popular line of wearable fitness-tracking devices says it has never sold personal data to advertisers, contrary to concerns raised by U.S. Sen. Charles Schumer.

Should you be worried about paid editors on Wikipedia?

Aug 22, 2014

Whether you trust it or ignore it, Wikipedia is one of the most popular websites in the world and accessed by millions of people every day. So would you trust it any more (or even less) if you knew people ...

User comments : 0