An executive order is being drafted by the Obama administration that would create a program that protects vital computer networks from cyber attacks. The news comes from two former government officials with direct knowledge of the effort, according to Bloomberg.
“An executive order is one of a number of measures we’re considering as we look to implement the president’s direction to do absolutely everything we can to better protect our nation against today’s cyber threats,” White House spokeswoman Caitlin Hayden said in a statement today. “We are not going to comment on ongoing internal deliberations.”
The Obama administration is preparing an executive order with new rules to protect U.S. computer systems, after Congress failed earlier this summer to pass a cybersecurity bill. The provisions include voluntary standards for companies, a special council run by the Homeland Security Department and new regulations covering especially vital systems, according to a draft of the order obtained by The Associated Press.
National security officials have warned that electric grids, water plants, banks and other essential industries operated by the private sector are vulnerable to cyber attacks. Yet there are deep divisions over the best approach for keeping hackers and other criminals, foreign governments or terrorist groups from penetrating these systems, which rely heavily on computer networks to remotely control switches, valves and terminals.
Critical infrastructure systems provide services that are part of everyday life. But an enemy with the proper know-how could cause catastrophic damage and chaos by giving them incorrect commands or infecting them with malicious software. Potential nightmare scenarios include high-speed trains being put on collision courses, blackouts that last days or perhaps even weeks, or chemical plants that inadvertently release deadly gases.
Last month, White House counter terrorism adviser John Brennan said, “If those intruders get into those systems and then can determine how they can in fact interfere in the command and control systems of these systems, they can do things.”
“If the Congress is not going to act on something like this, then the president wants to make sure that we’re doing everything possible,” Brennan said.
Senate Republicans block the cyber security bill that came before them earlier this year citing Constitutional and privacy issues. Brennan claims that opponents misrepresented the bill, which he claims called for “minimum performance standards.” “Believe me, the critical infrastructure of this country is under threat,” Brennan said, adding that foreign states and hackers “are developing advanced technologies, and we have to improve our defenses on this issue.”
This is the big issue. How much control will the federal government have over the internet and those that use it. The Department of Homeland Security has already demonstrated its inability to handle such power and with such power government ends up becoming tyrannical.
The Obama administration is already circulating a draft presidential directive dealing with a related issue: collecting and disseminating information about cyber security threats. That reflects “early” discussions about how to update a 2003 directive for protecting the most critical U.S. assets and “is not close to being done,” Hayden said on Aug. 29.
One issue that the proposed directive didn’t clearly explain is how much authority DHS would have to tell businesses what they must do to protect their computer systems from attack. The document says only that the department would plan “requirements for vulnerability and risk assessments.”
Presidential directives typically address national security or foreign policy matters. They are issued by the National Security Council and may be classified. The directives carry the same weight as executive orders, which deal with management and operations of the executive branch.