If hackers can spy on you all then so should we – US Senator logic

CISA info-sharing bill tacked onto military funding paperwork


Following the cyber-attack during which dossiers on four million US government employees were stolen from Uncle Sam's servers, staggering out of the smoldering blast crater is Senator Richard Burr (R-NC). And he's not happy.

In his soot-covered hand is a copy of the Cybersecurity Information Sharing Act (CISA), and this week, he angrily stapled it to another proposed law. Because that's how people get things done in Washington.

The CISA legislation was written to allow technology companies to share information about their customers with the Feds for the purposes of national security and online threats, in exchange for partial legal immunity from citizens upset about this data handover. Critics say it's a license to spy, whereas supporters say it will thwart the cyber-boogeymen.

CISA was due to be debated in the Senate later this year, but Burr has now added it as an amendment to the larger National Defense Authorization Act, which is primarily focused on military funding.

"The recent cyber breach at the Office of Personnel Management was a serious attack on our government and we cannot continue to have citizens' personal information needlessly exposed to foreign adversaries and criminals," said Burr, referring to the government data center compromise revealed earlier this month. Hackers swiped from the Office of Personnel Management sensitive records on millions of Americans, some of whom had applied for security clearances. Its IT defenses were found to be lacking by auditors.

"We can no longer simply watch Americans' personal information continue to be compromised. This bill is long needed and will help us combat threats to our country and our economy," Burr continued.

But the move has been decried by one of the authors of the legislation, Senator Dianne Feinstein (D-CA). She had been marshaling support on the Democratic side of the Senate for the legislation, but the move to add it on as an amendment – which would limit debating time on its provisions – has now imperiled that.

"Filing the cybersecurity bill as an amendment to the defense authorization bill prompted a lot of legitimate and understandable concern from both sides of the aisle," Feinstein said in Congress, The Hill reports. "People want a debate on the legislation, and they want an opportunity to offer relevant amendments."

The move has already brought strong condemnation from senior members of the Senate who serve on the intelligence subcommittee. Senator Ron Wyden (D-OR) said he would fight the move, and would offer additional amendments to deal with what he describes as flawed legislation.

"Cybersecurity threats demand thoughtful solutions, not half-baked efforts that don't address the real problems," he said.

"CISA would create a way for the government to obtain Americans' information without a warrant, and without adequate protections to protect their privacy. Most security experts agree that encouraging private companies to share more information with the government would have done little if anything to prevent recent data breaches." ®

Similar topics


Other stories you might like

  • Hive ransomware gang rapidly evolves with complex encryption, Rust code
    RaaS malware devs have been busy bees

    The Hive group, which has become one of the most prolific ransomware-as-a-service (RaaS) operators, has significantly overhauled its malware, including migrating the code to the Rust programming language and using a more complex file encryption process.

    Researchers at the Microsoft Threat Intelligence Center (MSTIC) uncovered the Hive variant while analyzing a change in the group's methods.

    "With its latest variant carrying several major upgrades, Hive also proves it's one of the fastest evolving ransomware families, exemplifying the continuously changing ransomware ecosystem," the researchers said in a write-up this week.

    Continue reading
  • What do you mean your exaflop is better than mine?
    Gaming the system was fine for a while, now it's time to get precise about precision

    Comment A multi-exaflop supercomputer the size of your mini-fridge? Sure, but read the fine print and you may discover those performance figures have been a bit … stretched.

    As more chipmakers bake support for 8-bit floating point (FP8) math into next-gen silicon, we can expect an era of increasingly wild AI performance claims that differ dramatically from the standard way of measuring large system performance, using double-precision 64-bit floating point or FP64.

    When vendors shout about exascale performance, be aware that some will use FP8 and some FP64, and it's important to know which is being used as a metric. A computer system that can achieve (say) 200 peta-FLOPS of FP64 is a much more powerful beast than a system capable of 200 peta-FLOPS at just FP8.

    Continue reading
  • Meta's AI translation breaks 200 language barrier
    Open source model improves translation of rarer spoken languages by 70%

    Meta's quest to translate underserved languages is marking its first victory with the open source release of a language model able to decipher 202 languages.

    Named after Meta's No Language Left Behind initiative and dubbed NLLB-200, the model is the first able to translate so many languages, according to its makers, all with the goal to improve translation for languages overlooked by similar projects. 

    "The vast majority of improvements made in machine translation in the last decades have been for high-resource languages," Meta researchers wrote in a paper [PDF]. "While machine translation continues to grow, the fruits it bears are unevenly distributed," they said. 

    Continue reading

Biting the hand that feeds IT © 1998–2022