After a string of high-profile Internet attacks directed at the U.S. government and private sector, Congress and the executive branch are trying to get serious about treating cyber warfare as a foreign policy issue—especially when it comes to addressing threats from China and Russia.
But it’s slow going.
The Senate Foreign Relations Committee added cybersecurity to the portfolio of one of its subpanels, which had its first hearing Thursday. Yet only two members showed up: Colorado Republican Cory Gardner and Maryland Democrat Ben Cardin, chairman and ranking member of the Subcommittee on East Asia, the Pacific, and International Cybersecurity Policy, respectively.
Cybersecurity has captured the attention of Congress this session, taking center stage in hearings and legislation that focus on companies’ policies of notifying customers about data breaches, cyber threat information sharing between the government and private sector, and the value of built-in backdoors on consumer devices that would allow the government to access encrypted communications on iPhones and other gadgets.
But the foreign policy angle hasn’t captured Congress’s imagination just yet.
About an hour into the hearing, Cardin left for another committee meeting, leaving the chairman outnumbered by the panel of witnesses.
Mike Rogers, who was chairman of the House intelligence committee until he left Congress this January, says cybersecurity is the missing piece in U.S. defense policy. “This is the largest national security we face that we have no answer to,” Rogers said at an event at the Hudson Institute on Tuesday. “And candidly, we’re not winning.”
“We are keeping pace, maybe, but policy-wise, we’re behind this problem,” he said.
Christopher Painter, the State Department’s point person on cyber issues, said as much at Thursday’s hearing.
“While the Internet has been growing and evolving for a few decades now, the international community has only more recently begun to fully grasp cyber issues as a foreign policy priority,” Painter said in his prepared testimony.
The federal government has treated the Internet as a battlefield for some time. Documents revealed by former intelligence contractor Edward Snowden showed that the U.S. hacked into Chinese mobile phone companies, and the U.S. is believed to be behind the advanced Stuxnet worm, which targeted Iran’s nuclear centrifuges, although it has never acknowledged being involved.
And increasingly, U.S. companies and government have been on the receiving end of Internet attacks. A hack attributed to North Korea that targeted Sony Pictures revealed hundreds of thousands of private emails, cost the movie studio millions, and drew a rebuke—and possibly retaliation—from the White House. A recent investigation found that Russian hackers found their way into email systems that belong to the State Department and White House. And a Chinese cyber weapon called “Great Cannon” targeted a U.S. company that was hosting software used by dissidents in China.
“When it comes to the foreign policy implications of cyber issues, it is important to begin with the recognition that this subcommittee and the State Department are working in a still-nascent policy space,” Painter said.
As government works to fill that space, Cardin called on an expansion of public-private collaboration, and pointed to proposed information-sharing legislation as an example.
“Government cannot do this alone. We have no choice but to work closely with the private sector,” Cardin said Thursday.
Obama last month announced an executive order that would allow the U.S. to respond to cyber attacks with financial sanctions. “Cyberthreats pose one of the most serious economic and national security challenges to the United States, and my administration is pursuing a comprehensive strategy to confront them,” Obama said then.
Meanwhile, the State Department has been applying its diplomatic expertise to the cyberworld, where it’s been trying to get American allies to work together and with the U.S. to develop a set of “norms” to govern how countries should act on the Internet, Painter said Thursday. The U.S. has engaged in “confidence-building measures” over cyber issues to reduce the possibility of online conflict.
James Lewis, director of the technology program at the Center for Strategic and International Studies and another witness on Thursday’s panel, welcomed the Senate subcommittee to the fray.
“Everyone and their dog is doing cybersecurity, and I guess that’s a good thing,” he said.
What We're Following See More »
President Trump’s portrayal of an effort to funnel more Medicaid dollars to Puerto Rico as a "bailout" is complicating negotiations over a continuing resolution on the budget. "House Democrats are now requiring such assistance as a condition for supporting the continuing resolution," a position that the GOP leadership is amenable to. "But Mr. Trump’s apparent skepticism aligns him with conservative House Republicans inclined to view its request as a bailout, leaving the deal a narrow path to passage in Congress."
Facebook "outlined new measures it is taking to combat what it calls 'information operations' that go well beyond the phenomenon known as fake news" on Thursday. Facebook acknowledged that there are governments using its platform as a tool to launch propaganda information campaigns and "manipulate public opinion in other countries. ... Facebook suspended 30,000 accounts in France ahead of last Sunday’s first-round presidential election."
Democrats in the House are threatening to shut down the government if Republicans expedite a vote on a bill to repeal and replace Obamacare, said Democratic House Whip Steny Hoyer Thursday. Lawmakers have introduced a one-week spending bill to give themselves an extra week to reach a long-term funding deal, which seemed poised to pass easily. However, the White House is pressuring House Republicans to take a vote on their Obamacare replacement Friday to give Trump a legislative victory, though it is still not clear that they have the necessary votes to pass the health care bill. This could go down to the wire.
Members of Congress are eyeing a one-week spending bill which would keep the government open past the Friday night deadline, giving lawmakers an extra week to iron out a long-term deal to fund the government. Without any action, the government would run out of funding starting at midnight Saturday. “I am optimistic that a final funding package will be completed soon," said Rep. Rodney Frelinghuysen, R-N.J., chairman of the House Appropriations Committee.