Monday October 21, 2019
Home Lead Story US Lawmakers ...

US Lawmakers Seek Probe to Control the Spread of Hacking Tools Sold Globally

The bill is expected to be voted on by the full appropriations committee in the coming weeks before going onto the full House

0
//
hacking
A man takes part in a hacking contest during the Def Con hacker convention in Las Vegas, Nevada, on July 29, 2017. VOA

U.S. lawmakers are pushing legislation that would force the State Department to report what it is doing to control the spread of U.S. hacking tools around the world.

A bill passed in a House of Representatives’ appropriations subcommittee on Tuesday said Congress is “concerned” about the State Department’s ability to supervise U.S. companies that sell offensive cybersecurity products and know-how to other countries.

The proposed legislation, released on Wednesday, would direct the State Department to report to Congress how it decides whether to approve the sale of cyber capabilities abroad and to disclose any action it has taken to punish companies for violating its policies in the past year.

National security experts have grown increasingly concerned about the proliferation of U.S. hacking tools and technology.

hacking
National security experts have grown increasingly concerned about the proliferation of U.S. hacking tools and technology. Pixabay

The legislation follows a Reuters report in January which showed a U.S. defense contractor provided staff to a United Arab Emirates hacking unit called Project Raven. The UAE program utilized former U.S. intelligence operatives to target militants, human rights activists and journalists.

State Department officials granted permission to the U.S. contractor, Maryland-based CyberPoint International, to assist an Emirate intelligence agency in surveillance operations, but it is unclear how much they knew about its activities in the UAE.

Under U.S. law, companies selling cyber offensive products or services to foreign governments must first obtain permission from the State Department.The new measure was added to a State Department spending bill by Dutch Ruppersberger, a Democrat from Maryland and member of the House Appropriations Committee.

Ruppersberger said in an emailed statement he had been “particularly troubled by recent media reports” about the State Department’s approval process for the sale of cyberweapons and services.

CyberPoint’s Chief Executive Officer Karl Gumtow did not respond to a request for comment. He previously told Reuters that to his knowledge, CyberPoint employees never conducted hacking operations and always complied with U.S. laws.

hacking
Rep. Dutch Ruppersberger, D-Md. questions U.S. Ambassador to the UN Nikki Haley as she testifies on Capitol Hill in Washington, Tuesday, June 27, 2017. VOA

The State Department has declined to comment on CyberPoint, but said in an emailed statement on Wednesday that it is “firmly committed to the robust and smart regulation of defense articles and services export” and before granting export licenses it weighs “political, military, economic, human rights, and arms control considerations.”

ALSO READ: Huawei Warns Ban on 5G Technology would Harm American Workers

Robert Chesney, a national security law professor at the University of Texas, said the Reuters report raised an alarm over how Washington supervises the export of U.S. cyber capabilities.

“The Project Raven (story) perfectly well documents that there is reason to be concerned and it is Congress’ job to get to the bottom of it,” he said. The bill is expected to be voted on by the full appropriations committee in the coming weeks before going onto the full House. (VOA)

Next Story

Reportedly, India Receives 5 lakh Cyber Security Alerts Daily

While India speeds up it's mission to transform into a digital economy with upgraded technologies, the country faces one of the highest rates of cyber security threats in the Asia Pacific region.

0
Cyber Security
India faces one of the highest rates of cyber security threats in the Asia Pacific region. Pixabay

As India speeds up its mission to transform into a truly digital economy with technologies like 5G, the country faces one of the highest rates of cyber security threats in the Asia Pacific region — receiving over 500,000 security alerts daily — which is nearly three times the global average, a new report said on Monday.

According to a joint KPMG in India-Indian Mobile Congress-COAI report released on the first day of “IMC 2019” here, organizations need to be open with consumers about their data being collected as cybercrimes grow.

The impact of a data breach to an organisation averaged $3.9 million globally in 2018; it was around $1.83 million in India last year.

“Nearly 39 per cent of security alerts remain unattended owing to the lack of relevant skill-sets. Though there are approximately 600,000 digitally skilled employees in India, only 10-12 per cent have cybersecurity skills, while even fewer have data protection and privacy skills,” lamented the report.

The skill gap may increase further with rapid digitalization and is being cited as one of main reasons for not adopting advanced security practices and technology.

cyber threat
There are approximately 600,000 digitally skilled employees in India, only 10-12 per cent have Cyber security skills. Pixabay

“Here, it has become essential for organizations to offer relevant training to upskill and reskill employees,” said the report.

To add to their burden, more than half the security alerts investigated by organisations turned out to be false. This experts additional pressure on cybersecurity personnel.

“As India speeds up its mission to transform into a truly digital economic, cybersecurity threats and privacy concerns could impede its success,” said the report.

All stakeholders involved (government, industry, consumers and regulators) should consider implementation of advanced cybersecurity technologies.

Cyber Threat
As India speeds up its mission to transform into a truly digital economic, Cyber Security threats and privacy concerns could impede its success. Pixabay

“Considering the rising threats of the digital age, organisations need to have a comprehensive security architecture in place, one which ensures the protection of critical data across varied networks and environments, and technologies that dynamically respond to threats as they emerge,’ the KPMG in India report mentioned.

It is becoming clear that data ethics, privacy and security need to form an integral part of every organisation’s risk appetite and Board agendas to monitor progress.

ALSO READ: PUBG Rival ‘Fortnite’ Gone Down

“This will require collaboration between entities that extract the data, and those responsible for ensuring that the data is used effectively and ethically,” the report said. (IANS)