SENATORS HATCH AND GILLIBRAND INTRODUCE FIRST OF ITS KIND MEASURE TO BOLSTER CYBERSECURITY – Bill Fosters International Coordination, Cracks Down on Foreign Countries That Offer Cyber Criminals Havens…
Washington, D.C. March 23, 2010 – With the growing cost of cybercrime, Senators Orrin Hatch (R-UT) and Kirsten Gillibrand (D-NY) introduced the International Cybercrime Reporting and Cooperation Act, new bipartisan legislation that would enhance U.S. cooperation with other countries to confront this threat and keep America safe.
“Cybercrime is a serious threat to the security of the global economy, which is why we need to coordinate our fight worldwide. Until countries begin to take the necessary steps to fight criminals within their borders, cybercrime havens will continue to flourish,” said Senator Hatch. “We don’t have the luxury to sit back and do nothing. I believe the International Cybercrime Reporting and Cooperation Act will not only function as a deterrent of cybercrime, but will prove to be an essential tool necessary to keep the Internet open for business.”
“Cybercrime must be a top priority for our national security,” Senator Gillibrand said. “If we’re going to protect our networks, our infrastructure, our economy and our families, we have to go after cyber criminals wherever they may be – and it must be an international effort. Our new legislation will require the president to provide a global assessment, identify threats from abroad, work with other countries to crack down on their own cyber criminals, and urge the President to cut off U.S. assistance and resources for countries that refuse to take responsibility for cybersecurity. Our legislation will make America safer by getting tough on cybercrime globally, and coordinating with our partners in the international community.”
For more than a decade, reports have described the increasing vulnerability of the U.S. to cyberattacks. A growing array of international criminal organization are targeting American citizens, commerce, and information infrastructure, including the Internet, telecommunications networks, financial systems, embedded processors and controllers in critical industries to steal, exploit, disrupt, or destroy information.
An estimate from the Government Accountability Office (GAO) estimates that in 2005 U.S. businesses lost $67.2 billion as a result of cyberattacks. Since then, attacks have dramatically increased. Earlier this year, hackers in China launched a large, sophisticated attack on Google and other American businesses. The global economy overall lost over $1 trillion in 2008 as a result of cyber attacks, according to studies by McAfee, Inc.
Numerous American employers, including Cisco, HP, Microsoft, Symantec, PayPal, eBay, McAfee, American Express, Mastercard and Visa, as well as Facebook, are supporting the Senators’ legislation. “Microsoft strongly supports the International Cybercrime Reporting and Cooperation Act and applauds Senators Gillibrand and Hatch for their leadership in this area,” said Fred Humphries, Managing Director of US Government Affairs, Microsoft Corp. “This legislation is a great step forward toward accessing the technology capabilities and judicial remedies of foreign countries to combat cybercrime and provide a safer, more trusted and secure Internet.”
“We support efforts to increase global awareness of cybersecurity issues, and to improve cybersecurity and investigations of cybercrime,” said Tucker Foote, Vice President & Head of U.S. Government Affairs, MasterCard Worldwide. “We believe your legislation provides useful tools to further those goals and to provide a safer environment for U.S. consumers and businesses to operate in today’s technology-driven world.”
Criminals are increasingly going after online financial data – costing businesses and individuals billions. In fact, each data breach costs American businesses an average of $6.6 million.
Cyber exploitation activity has grown more sophisticated and targeted over the past year and is expected to increase. Relevant international cybercrime agreements have not been signed by certain key countries that host cyber criminals with apparent impunity.
To boost America’s cybersecurity, improve our coordination with allies, and establish tough new ways to crack down on cyber threats internationally, Senators Gillibrand and Hatch today introduced the International Cybercrime Reporting and Cooperation Act.
Annual Presidential Report
The bill would require the President annually report to Congress on the assessment of the state of countries’ use of information and communications technologies (ICT) in critical infrastructure, the extent and nature of cybercrime based in each country, the adequacy and effectiveness of each country’s legal and law enforcement systems addressing cybercrime, and countries’ protection of consumers and commerce online. The President would also report on multilateral efforts to prevent and investigate cybercrime, including U.S. actions to promote such multilateral efforts.
Deliver Foreign Assistance to Prevent Cybercrime Havens
The bill would require that programs designed to combat cybercrime be prioritized to countries with low ICT penetration in order to prevent such countries from becoming future cybercrime havens. Also, U.S. or multilateral assistance designed to improve critical sectors such as finance or telecommunications would be encouraged to include programs designed to combat cybercrime in order to ensure that such assistance is not inadvertently being used to build future crime havens.
Identify Countries of Cyber Concern
The bill would require the President to identify countries of cyber concern – those for there is significant credible evidence that a pattern of cybercrime against the U.S. Government, private entities or persons by persons from within such countries’ borders and such countries do not sufficiently address cybercrime through investigations, prosecutions, bilateral or international cooperation, or appropriate legislation or similar measures.
For each country of cyber concern, the President would establish an action plan with benchmarks designed to assist the government of each such country to improve its capacity to combat cybercrime. This plan would be developed and carried out in consultation with the county of concern in order to encourage them to reach the benchmarks. The President would provide an annual assessment of the country’s participation in the action plan.
The President could waive the requirement to develop an action plan for any country if it is in the national interest, and report such waiver to Congress, in classified form if necessary.
Failure to Meet Action Plan Benchmarks
Countries of cyber concern that do not reach their benchmarks may have one of the following benefits suspended, restricted or prohibited: new OPIC or ExIm financing, new multilateral financing, new TDA assistance, preferential trade programs, or new foreign assistance, as long as such do not limit projects to combat cybercrime.
Department of State International Cybercrime Policy Focus In order to improve the U.S. focus on addressing international cybercrime, the bill would require the Secretary of State to designate a senior official at the State Department to coordinate and focus on activities, policies and opportunities to combat cybercrime internationally, and in consultation with other Federal agencies and the relevant chiefs of mission, appoint employees at key embassies to focus on cybercrime policy.
This brief was provided courtesy of the Investigative & Security Professionals for Legislative Action (ISPLA). The mission of ISPLA is to monitor and identify critical legislative and regulatory issues in order to provide a forum for debate and discussion within the investigative and security professions and to serve as an advocate for these professions. To support and join us in this mission go to www.ISPLA.org
Director of Government Affairs