Monday May 27, 2019
Home Lead Story US Lawmakers ...

US Lawmakers Seek Probe to Control the Spread of Hacking Tools Sold Globally

The bill is expected to be voted on by the full appropriations committee in the coming weeks before going onto the full House

0
//
hacking
A man takes part in a hacking contest during the Def Con hacker convention in Las Vegas, Nevada, on July 29, 2017. VOA

U.S. lawmakers are pushing legislation that would force the State Department to report what it is doing to control the spread of U.S. hacking tools around the world.

A bill passed in a House of Representatives’ appropriations subcommittee on Tuesday said Congress is “concerned” about the State Department’s ability to supervise U.S. companies that sell offensive cybersecurity products and know-how to other countries.

The proposed legislation, released on Wednesday, would direct the State Department to report to Congress how it decides whether to approve the sale of cyber capabilities abroad and to disclose any action it has taken to punish companies for violating its policies in the past year.

National security experts have grown increasingly concerned about the proliferation of U.S. hacking tools and technology.

hacking
National security experts have grown increasingly concerned about the proliferation of U.S. hacking tools and technology. Pixabay

The legislation follows a Reuters report in January which showed a U.S. defense contractor provided staff to a United Arab Emirates hacking unit called Project Raven. The UAE program utilized former U.S. intelligence operatives to target militants, human rights activists and journalists.

State Department officials granted permission to the U.S. contractor, Maryland-based CyberPoint International, to assist an Emirate intelligence agency in surveillance operations, but it is unclear how much they knew about its activities in the UAE.

Under U.S. law, companies selling cyber offensive products or services to foreign governments must first obtain permission from the State Department.The new measure was added to a State Department spending bill by Dutch Ruppersberger, a Democrat from Maryland and member of the House Appropriations Committee.

Ruppersberger said in an emailed statement he had been “particularly troubled by recent media reports” about the State Department’s approval process for the sale of cyberweapons and services.

CyberPoint’s Chief Executive Officer Karl Gumtow did not respond to a request for comment. He previously told Reuters that to his knowledge, CyberPoint employees never conducted hacking operations and always complied with U.S. laws.

hacking
Rep. Dutch Ruppersberger, D-Md. questions U.S. Ambassador to the UN Nikki Haley as she testifies on Capitol Hill in Washington, Tuesday, June 27, 2017. VOA

The State Department has declined to comment on CyberPoint, but said in an emailed statement on Wednesday that it is “firmly committed to the robust and smart regulation of defense articles and services export” and before granting export licenses it weighs “political, military, economic, human rights, and arms control considerations.”

ALSO READ: Huawei Warns Ban on 5G Technology would Harm American Workers

Robert Chesney, a national security law professor at the University of Texas, said the Reuters report raised an alarm over how Washington supervises the export of U.S. cyber capabilities.

“The Project Raven (story) perfectly well documents that there is reason to be concerned and it is Congress’ job to get to the bottom of it,” he said. The bill is expected to be voted on by the full appropriations committee in the coming weeks before going onto the full House. (VOA)

Next Story

Easing Fears in Wake of Data Breach Should be Priority, Says Researcher

Two of the studies surveyed how consumers reacted to the scope of a data breach

0
data breach
Easing fears in the wake of a data breach should be a priority, the researchers said. Pixabay

Once a data breach is reported, people who are fearful quickly become sensitive towards the size and scope of the breach than those who get angry, finds a study led by Indian-origin researchers.

The findings also extend to the stock market where a company’s stock price can be influenced by the size of the breach when the news coverage emphasizes fear, rather than anger.

“The emotions of fear and anger will elicit different reactions. In the wake of a data breach, we wanted to explore those different reactions and see if people acted to protect themselves or directed feelings toward those responsible,” said Subimal Chatterjee, distinguished professor in marketing at Binghamton University in New York.

Chatterjee partnered with Sumantra Sarkar, assistant professor of management information systems and others to conduct three studies to get to their findings. Two of the studies surveyed how consumers reacted to the scope of a data breach.

data breach
They found that only the customers who felt fear after a breach were sensitive to the size and scope of the breach, while scope didn’t matter to angry consumers. Pixabay

They found that only the customers who felt fear after a breach were sensitive to the size and scope of the breach, while scope didn’t matter to angry consumers. “Fearful consumers were sensitive to knowing, for example, if the breach only affected 100 customers or 10 million customers, and we found that the larger the scope, the larger the reaction,” said Chatterjee.

Meanwhile, angry consumers didn’t care if it was 10 customers or 10 million customers. “Their focus wasn’t on the scope. They were directing their focus and anger on the perpetrator,” Chatterjee added.

A third study examined 12,000 news stories about data breaches. Testing for keywords that suggested either a fearful or angry response in the coverage, the researchers then compared the findings to stock prices for affected companies at the time of the coverage.

data breach
They also recommend being extra careful about how you communicate the scope of the data breach, as fearful customers will be very sensitive to the size of breaches. Pixabay

They found that the stock market reacts similarly to how consumers react: Fear makes the stock market sensitive to the scope of a data breach, while anger makes the stock market insensitive to the scope of a data breach.

ALSO READ: Researchers Develop Way to Fight against Bacterial Infections using Electricity

Easing fears in the wake of a data breach should be a priority, the researchers said. They also recommend being extra careful about how you communicate the scope of the data breach, as fearful customers will be very sensitive to the size of breaches.

“If you have 500 million customers that were affected by a breach, but it only represents around 16 per cent of your customer base, you may want to focus on that smaller number in your communications to minimize the threat to fearful customers,” Chatterjee noted in the paper published in the Journal of Business Research. (IANS)