President Barack Obama met with more than a dozen corporate chief executives to seek their support for stalled cybersecurity legislation amid increasing evidence that government agencies, businesses and individuals are vulnerable to computer network break-ins.
The closed-door session Wednesday at the White House came a day after the nation’s top intelligence officials warned in a Senate hearing that cyberattacks and digital spying have eclipsed terrorism as the top threat to national security. They said the chance of a major attack is remote in the near term, but digital thefts of intellectual property are putting U.S. competitiveness at risk.
As if on cue, authorities reported numerous new attacks Wednesday, and hackers believed to be operating from servers in Russia posted online what appeared to be personal financial information about former Republican presidential nominee Mitt Romney, golfer Tiger Woods and others.
The FBI is investigating whether credit reports, banking information and other financial information from Vice President Joseph Biden and First Lady Michelle Obama were illegally obtained and published online Tuesday. Also that day, hackers posted financial data that appears to be from former Secretary of State Hillary Rodham Clinton, Attorney General Eric Holder, FBI Director Robert Mueller III and Los Angeles Police Chief Charlie Beck.
“What is absolutely true is that we have seen a steady ramping up of cybersecurity threats,” Obama said on ABC’s “Good Morning America.” “Some are state-sponsored. Some are just sponsored by criminals.”
A wave of computer attacks also targeted New York’s JPMorgan Chase & Co., the nation’s biggest bank. Hackers bombarded the Chase website with phony requests, blocking legitimate customers from Internet access to their bank accounts Tuesday and early Wednesday.
No customer data was compromised, and the bank’s mobile, telephone and ATM networks continued to function, spokesman Michael Fusco said.
A group identifying itself as Izz ad-Din al-Qassam Cyber Fighters has mounted denial-of-service attacks against American banks off and on since September. The group, based in the Middle East, says the attacks are retaliation for an online video, produced last year by amateur U.S. filmmakers, that mocks the prophet Muhammad.
Obama issued an executive order Feb. 12 to enable greater sharing of classified intelligence on hacking threats with qualified companies that own or operate crucial infrastructure, including chemical plants, electric grids and water systems.
Facing deep opposition from industry, however, Congress has refused to pass White House-backed legislation that would require companies to meet mandatory cybersecurity standards. Even after the bill was scaled back, and the standards were made voluntary, the bill twice failed to pass the Democrat-controlled Senate.
The recent burst of such thefts and disruptions comes after the release of a report by Mandiant Corp., a Virginia computer security company, that alleged a secretive unit of the Chinese military was conducting broad cyberattacks on U.S. companies, said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, a think tank in Washington.
The Mandiant report cleared the way for Obama and his aides to publicly accuse China of directing, or at least allowing, illicit attacks. China denies that it uses hackers to steal intellectual property from the West.
“We’ve made it very clear to China and some other state actors that, you know, we expect them to follow international norms and abide by international rules,” Obama told ABC. “And we’ll have some pretty tough talk with them. We already have.”
Also driving the current concern is growing evidence that foreign-based hackers are destroying systems, not just stealing data, said Alan Paller, director of research at the SANS Institute, a computer training center in Bethesda, Md.
One reason to bring corporate executives to the ultra-secure Situation Room, Lewis said, is that Obama can share classified information about how their computer networks have been compromised.
“This is a trick they have used in the past,” Lewis said. “Bring in defense company CEOs, give them temporary security clearance for a classified briefing, and they turn pale and faint when they find out what has been taken.”
Los Angeles cybersecurity expert Philip Lieberman, who consults for some of the companies that took part in the meeting, said Obama was trying to persuade the CEOs to spend more on network security and to work more closely with the federal government against such threats.
“The administration is trying to get support from private industry to probe systems on a regular basis so that foreign interests have a tougher time breaking in and disrupting the economy,” he said.
Source: MCT Information Services