Anti-computer hacking bill coming in U.S. Congress

WASHINGTON Thu Feb 10, 2011 11:57am EST

WASHINGTON Feb 10 (Reuters) - Strengthening cybersecurity is the goal of legislation being introduced in the U.S. Congress after reports of hack attacks on computer networks at Nasdaq OMX Group (NDAQ.O) and at oil and gas companies.

"Cyber-threats are not on the horizon, they are upon us," Democratic Senator Robert Menendez, who is introducing the bill, said in a statement on Thursday.

The bipartisan Cybersecurity Enhancement Act would fund more cybersecurity research, awareness and education.

"Businesses and investors must trust that their investments are secure. We cannot allow security breaches to undermine our trust in the U.S. economy," said Menendez, from New Jersey.

Hackers working in China broke into computer systems of five multinational oil and gas companies to steal bidding plans and other critical information, computer security firm McAfee Inc MFE.N said on Thursday. [ID:nTOE71905Z]

Nasdaq OMX, operator of the Nasdaq Stock Market, said over the weekend that it had found "suspicious files" on its U.S. computer servers and determined that hackers could have affected one of its Internet-based client applications.

Nasdaq OMX said there was no evidence that the hackers obtained customer information or that any of the company's trading platforms were compromised. [ID:nN05148621]

Menendez and other lawmakers have urged regulators to look into the incidents and report back to Congress. (Reporting by Kevin Drawbaugh and Diane Bartz; Editing by Tim Dobbyn)

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (5)
Synchlavier wrote:
It’s baloney don’t blame the hackers – I’m sorry to say but this lies squarely on the shoulders of industry as they have to spend the money to secure their own systems from outside intrusion – what has happened is that govt & industry in this country don’t want to pay money to the IT guys & they can’t hire cheap overseas labor to do this kind of creative & sensitive work – so they want to enact draconian laws to prevent any and all hacking period. Of course this will backfire & will stifle innovation & progress in a whole host of IT related areas as the contributions of the hacking community is both not appreciated & underestimated. That of course hurts the greater economy as it is these fields that are the ones paying & guess who doesn’t want to pay – you got it greedy american corporations. Those very corporations would rather use the savings from not having to invest in their corporations IT infrastructure to enriching do nothing board members & CEO’s with outrageous compensation packages that defy reality. So I ask who is ultimately breaking the law the bespectacled hacker sitting behind a keyboard or the greedy CEO who always wants something for nothing =)

Feb 10, 2011 1:53pm EST  --  Report as abuse
Synchlavier wrote:
The proposed legislation is baloney and hackers are not the ones to blame – I’m sorry to say but this lies squarely on the shoulders of industry as they have to spend money to secure their systems from outside intrusion – what has happened is that large corporations in this country don’t want to pay money to the IT guys, security firms, programmers, hardware vendors to secure their systems. Furthermore they are unable to hire cheap overseas labor to engage in this type of sensitive & creative work – instead the preferred track has been to lobby congress in enacting draconian laws to prevent any form of hacking period. Of course this will backfire in the long run & will have the effect of stifling innovation & progress in a whole host of IT related areas from software engineering & development to hardware development necessary in preventing system compromise & penetration. That of course hurts the greater economy as it is these fields that are the ones paying & guess who again doesn’t want to pay – you got it greedy american corporations. To large banking institutions and organizations such as NASDAQ I have this to say – IT is a merit based field devoid of politics!! start hiring competent IT personal & you won’t be having they type of system compromises & embarrassing break ins such as those at NASDAQ that made recent headlines. If the system is adequately protected & locked down these sorts of problems won’t be happening period =) In essence you get what you pay for their is no free lunch – take some of that outrageous bonus money & put it to work hiring competent IT personal =)

Feb 10, 2011 4:32pm EST  --  Report as abuse
Xylex wrote:
So, if I understand this correctly, using taxpayer money to foot the bill to secure private industry’s computer systems so that they can continue to pay sub-standard rates to overseas developers who make the insecure systems in the first place and weaken the US software development market is somehow a good thing?

Feb 10, 2011 8:55pm EST  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.