Zeldin: Brookhaven attack demonstrates need for improved cybersecurity
With the rise in digital breaches domestically and abroad, from identity theft, to government and corporate hacking, it’s increasingly clear that cyber-attacks are a growing threat to our security. Just recently, on June 25, 2017, we were reminded of this risk too close to home when outside agents accessed the Town of Brookhaven’s website, as well as several websites belonging to the Ohio state government, and displayed pro-ISIS propaganda.
Immediately following this breach, I was in touch with Brookhaven Town officials to offer my assistance in any way possible making introductions to the Ohio governor’s office and securing necessary support and resources from the federal government. Boosting our cybersecurity capabilities is necessary to protect American companies, individuals, and government to secure personal data and our national security.
In Congress, I have always placed a high priority on advancing legislation to boost our cybersecurity infrastructure and intelligence gathering capability. Last year, the House passed a number of bipartisan bills to address this urgent need, while also promoting more coordination between different levels of governments and the private sector. Just a few of these bills are the Critical Infrastructure Protection Act (H.R. 1073), Protecting Cyber Networks Act (H.R. 1560), National Cybersecurity Protection Advancement Act (H.R. 1731), Strengthening State and Local Cyber Crime Fighting Act (H.R. 3490), State and Local Cyber Protection Act (H.R. 3869), and Cyber Networks Act (H.R. 1560).
This year, the House built on that progress and passed legislation (H.R. 244), which was signed into law by the President, that provides $277 million for the FBI to increase operations to improve cybersecurity efforts, among other national security needs. This May, the President also signed an executive order titled “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” which directs government agencies to better manage cybersecurity risks and improve network security. This executive order builds on efforts from previous administrations by developing strategies and goals that protect our nation’s critical infrastructure and deter major hacks from harmful actors.
In addition to legislative efforts, there are several critical steps we can and should take as we work to tackle this challenge, including close collaboration with the Department of Defense (DOD) and National Security Agency (NSA) to develop proactive security strategies. The best defense against these risks is a highly capable offensive ability. Bad actors wishing to do us harm must be reminded that the United States has no tolerance for any such interference, and that we have the ability to use their own tactics against them.
There should also be strong coordination and data sharing between all levels of government that also includes critically important efforts to protect the personal data and privacy of Americans. Furthermore, we must ensure that businesses are up to date on the latest technology and working closely with law enforcement to further strengthen protections. Companies also have a massive responsibility to protect private personal information in their possession.
Better “cyber hygiene” is also essential to boosting cybersecurity, and sharpening employee practices is a top priority. Far too often, tactics like “Phishing” and “Whaling” are used to trick unsuspecting individuals into accidently or intentionally forwarding private information. Even basic steps, such as locking one’s computer, not opening or replying to suspicious emails, or being cautious when distributing sensitive information, go a long way in reducing these harmful incidents. Despite cyber-attacks occurring every day, too few people are aware of the tactics used against them or the preventative measures they can take to mitigate these threats.
With so many aspects of our lives computerized – from our finances, to our transportation and energy systems, and emergency response programs, we must do everything that we can to boost cybersecurity and strengthen our infrastructure systems to mitigate any and all vulnerabilities. I will continue working across the aisle to further advance policies that boost cybersecurity and best overcome these risks.