The top Senate Republican on homeland security said a serious attack on one of the country’s largest technological security providers this week is an “urgent” sign for Congress to pass comprehensive cybersecurity legislation.
The security company, RSA, was hit by an “extremely sophisticated cyber-attack” according to its executive chairman, who explained that data related to RSA’s SecurID products was stolen.
Sen. Susan Collins (R-Maine), the ranking member on the Senate Homeland Security and Governmental Affairs Committee, stressed that the federal government was as equally prone to cyber-attacks as the private sector and that Congress should act now before it's too late.
"The cyber-attack revealed by RSA today underscores the serious and sophisticated cyberthreat we face,” said Collins.
“Congress needs to fundamentally reshape how the federal government works collaboratively with the private sector to address all cyber threats, from espionage and cyber crime to attacks on the most critical infrastructure. The need to pass comprehensive cyber security legislation is more urgent than ever."
Collins pointed to the Senate sergeant at arms’ statistics from last March that state “the executive branch agencies and the Congress are probed or attacked an average of 1.8 billion times per month.”
The chairman of the House Permanent Select Committee on Intelligence Mike Rogers (R-Mich.) told The Hill last week that the National Security Agency (NSA) was working with U.S. intelligence officials to develop “a way for us to share classified information that NSA might have with the private sector so that they can provide security from attack on their systems.”
Under the developing program that Rogers outlined, companies like RSA would work in tandem with the U.S. government to identify and guard against cyber-attacks.
Earlier this year, the director of the CIA Leon Panetta told Rogers and other members of the House panel that, "The potential for the next Pearl Harbor could very well be a cyber-attack."
Collins and the Senate panel chairman, Joseph Lieberman (I-Conn.), have put forward a bill again this year that would establish an Office of Cyberspace Policy under the president, which would be responsible for crafting “a national strategy to increase the security and resiliency of cyberspace.”
Millions of private and public sector employees use SecurID, which automatically changes the user’s access password every minute.
RSA said that the hackers would not be able to directly attack any of the SecurID customers with the information they stole, but cautioned users to “harden, closely monitor, and limit remote and physical access to infrastructure that is hosting critical security software.”