Cybersecurity Bill Passes House After Obama Veto Threat

By Chris Strohm – The U.S. House passed cybersecurity legislation backed by companies including Boeing Co. (BA) and AT&T Inc. (T), defying a veto threat by President Barack Obama’s administration over what it called inadequate privacy protections.

The bill doesn’t require companies “to take reasonable steps” to remove personal information when sharing cybersecurity data with the government or other companies, the White House said April 16 in a statement on the veto threat. more> http://tinyurl.com/bproon9

Related>

• Cybersecurity Standards for Electric Grid Seen Expanding, Brian Wingfield, Businessweek
• As CISPA cybersecurity bill passes House, privacy advocates mobilize, Chenda Ngak, CBS News
• CISPA Vote: House Passes Cybersecurity Bill To Let Companies Break Privacy Contracts, Zach Carter and Sabrina Siddiqui, huffingtonpost.com
• CISPA Passes In The House, (Again) But Faces Resistance In Senate And White House (Again), Andy Greenberg, Forbes

Protecting against cyber-attacks

By Senator Lindsey Graham (R-S.C.) and Senator Sheldon Whitehouse (D-R.I.) – The threat to our critical infrastructure, national security and economic prosperity was laid out in a February report by Mandiant, a respected U.S. computer security firm. An elite unit of Chinese hackers affiliated with China’s People Liberation Army, the report concluded, is likely behind a wave of attacks on U.S. government and business computer systems.

If you’re a business owner, listen to our top cyber-experts, who say there are only two kinds of businesses: those that have been hacked, and those that don’t know they’ve been hacked. If you’re a consumer, know there’s a third group: those who know they’ve been hacked and won’t admit it. more> http://tinyurl.com/c4cp6az

Related>

• Six U.S. Air Force cyber capabilities designated “weapons”, Andrea Shalal-Esa, Reuters
• The Circuit: Cybersecurity top topic of discussion this week, Hayley Tsukayama, Washington Post
• Cybersecurity lobbying doubled in 2012, Julianne Pepitone, CNN
• Cyber Security and the CIO Challenge, Gordon Makryllos, CSO
• Current State of Cyber Security: More Concern Over Facebook Than Credit Cards, Bruce Rogers, Forbes
• McConnell: Cybersecurity framework will reduce risk, but not ‘fix the problem’, Molly Bernhart Walker, FierceGovernmentIT
• U.S. business groups worried by cybersecurity law aimed at China, Reuters
• Governor Bob McDonnell Announces Virginia Cyber Security Partnership, MeriTalk, Dark Reading

Internet slowed by cyber attack on spam blocker

Reuters – Spamhaus, a London and Geneva-based non-profit group which helps weed out unsolicited “spam” messages for email providers, said it had been subjected to “distributed denial of service” (DDoS) attacks on an unprecedented scale for more than a week.

“Based on the reported scale of the attack, which was evaluated at 300 Gigabits per second, we can confirm that this is one of the largest DDoS operations to date,” online security firm Kaspersky Lab said in a statement. more> http://tinyurl.com/blc3f8h

Related>

• Spamhaus attacks expose huge open DNS server dangers, Jaikumar Vijayan, Computerworld/Network World

4 Internet privacy laws you should know about

By Brandon Butler – Below are four legislation that are either actively being debated, or could come up for consideration soon.
1. Electronic Communications Privacy Act (ECPA)
ECPA allows the government to obtain access to digital communications — including email, Facebook messages, information sitting in your public cloud provider’s databases, and a variety of other files — with only a subpoena and not a warrant once those items are 180 days old.
2. Cyber Intelligence Sharing and Protection Act (CISPA)
At a basic level, CISPA dictates how companies share information about cyberthreats with the federal government. Opponents to the legislation, like the Electronic Frontier Foundation (read an FAQ about CISPA from the EFF here), are worried about what they call inadequate privacy protections given the broad definitions of cyberthreat.
3. Computer Fraud and Abuse Act (CFAA)
Generally speaking, CFAA makes it a federal crime to access and share protected information. Organizations like the EFF have called for CFAA reforms for years.
4. Trans Pacific-Partnership Agreement (TPP)
The U.S. Trade Office on its website discusses the benefits of TPP, particularly as they relate to trade agreements between the countries, but says little about the technology impacts of the TPP. more> http://tinyurl.com/b2u6kdl

Related>

• CISPA: Cybersecurity or internet privacy killer? local10.com

Cyber attack stops access to JPMorgan Chase site

Reuters – The latest problems on Chase.com came as intelligence officials said for the first time on Tuesday that cyber attacks and cyber espionage have surpassed terrorism as the top security threat facing the United States.

JPMorgan and other major U.S. banks, including Bank of America Corp and Citigroup Inc, have recently warned their investors that their sites have been attacked and that the assaults could continue. more> http://tinyurl.com/ajf9swm