Too many cyber attacks hushed up, US panel says

The Bipartisan Policy Center said the number of cyberattacks appears to be on the rise
A server is displayed. US cybersecurity efforts are hampered by attacks that go unreported by victims unwilling to divulge confidential information, a research panel said Thursday.

US cybersecurity efforts are hampered by attacks that go unreported by victims unwilling to divulge confidential information, a research panel said Thursday.

The report by the Bipartisan Policy Center said the number of cyberattacks appears to be on the rise, along with .

It said that from October 2011 through February 2012, over 50,000 cyber attacks on private and were reported to the , including 86 attacks on " networks."

But it noted that these "represent only a small fraction of cyber attacks carried out in the United States."

The think tank's cybersecurity task force headed by former chief Michael Hayden and businessman Mortimer Zuckerman said more sharing of information would help bolster cybersecurity.

"Despite general agreement that we need to do it, cyber information sharing is not meeting our needs today," the report said.

It said many private firms keep the news of the attacks secret "because of fears, some justified, including harm to their reputations and potential loss of customers."

Some worry that the information could become part of the public record in a government database, and some "are concerned that they may be held liable for the threat information they share if it turns out to be inaccurate."

The report noted that current law does protect the confidentiality of certain data, but that this effort could be expanded. It said some industry groups which aggregate information on attacks have been threatened with lawsuits if they implicate certain entities in attacks.

It said some of these concerns can be addressed in cybersecurity legislation, which has been stalled in Congress.

"Some companies take the position that under current law, sharing communications with the government cannot be done without a subpoena," the report said.

"With the right privacy and civil liberties protections in place, there is no valid reason for cyber threat information not to be shared with the federal government and a subpoena requirement can often thwart information sharing to identify and stop underway.

"The law should be changed to explicitly permit such sharing, without a subpoena, under conditions that protect privacy and ."


Explore further

US NSA chief backs cybersecurity law

(c) 2012 AFP

Citation: Too many cyber attacks hushed up, US panel says (2012, July 19) retrieved 23 May 2019 from https://phys.org/news/2012-07-cyber-hushed-panel.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
0 shares

Feedback to editors

User comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more