UPDATE 4-Obama presses Congress on cybersecurity measures
* Plan would require better notification of data breaches
* Core infrastructure would work with DHS on prevention
* White House hopes Congress will pass bill this year
* Says US cannot fully defend itself unless law updated (Adds details from proposal, background)
By Diane Bartz
WASHINGTON, May 12 (Reuters) - The White House on Thursday pressed Congress to pass strong cybersecurity measures to protect consumers' personal information and safeguard the nation's financial system and electric power grid from potentially devastating attacks.
Several cybersecurity bills have limped along in Congress over the past year, despite high-profile hacker attacks on Nasdaq OMX Group (NDAQ.O) and a more recent one on Sony Corp (6758.T) that exposed the personal data of more than 100 million of its online video game users.
"The cybersecurity vulnerabilities in our government and critical infrastructure are a risk to national security, public safety and economic prosperity," the White House said in a statement.
It is unclear if the White House pressure will win support for stricter cybersecurity laws, especially among Republicans who control the House of Representatives.
The legislative proposal from the Obama administration would require companies that suffer data breaches to report that to consumers if their personal information is stolen.
It also adds cyber crimes to RICO, the Racketeering Influenced and Corrupt Organizations Act, since organized crime is behind much of the theft of credit card numbers and passwords.
The administration also wants to force companies critical to U.S. infrastructure -- such as electric companies and big financial firms -- to develop their own plans to address security weaknesses.
The Department of Homeland Security (DHS) would be allowed to weigh in on whether particular plans are adequate.
Previous bills with similar language have rankled corporate America as regulatory overreach, with many companies indicating they would fight any effort to be included as "critical infrastructure."
Other steps would make it easier for companies to work with the DHS to find the source of cyber crimes by creating laws that enable the department to, for example, investigate to learn how a hacker gained entrance.
Senate Democratic Leader Harry Reid's office has taken the lead in Congress on cybersecurity, putting together bills sponsored by Commerce Committee Chairman Jay Rockefeller and and Homeland Security Committee Chairman Joe Lieberman.
An administration official said the White House would like Congress to enact a cybersecurity bill this year, after a broad discussion including representatives from industry, privacy advocates and the wider community.
So far this year, there have been several reports of headline-grabbing cybersecurity attacks.
In February, security firm McAfee said hackers working in China broke into the computer systems of five multinational oil and gas companies to steal bidding plans and other critical proprietary information. [ID:nnTOE71905Z]
In April, U.S. authorities shut down a ring that used malicious software to take control of more than 2 million personal computers around the world that may have led to the theft of more than $100 million. [ID:nN13289856]
Also this spring, large U.S. companies including JPMorgan (JPM.N), Walgreen (WAG.N) and TiVo (TIVO.O) disclosed that the names and e-mail addresses of customers were exposed after a computer hacker penetrated online marketer Epsilon in one of the biggest such breaches in U.S. history. [ID:nN03201363] (Additional reporting by Steve Holland; editing by Todd Eastham)
- Exclusive: Radar data suggests missing Malaysia plane deliberately flown way off course - sources
- Lost passenger jet was diverted deliberately: Malaysian PM |
- Malaysia PM says lost plane's movements indicate a deliberate act
- UPDATE 2-Satellite data shows missing Malaysia plane may have flown thousands of miles-source
- UPDATE 1-Rolls-Royce concurs with Malaysia on missing jet's engine data