President Obama’s State of the Union address laid out a host of priorities for the coming year, and much speculation in the wake of the speech has sought to analyze how the president and the new Republican majority in Congress will be able to reconcile their agendas and find common ground. Encouragingly, President Obama gave particular attention to cybersecurity, a vital national security issue that should transcend party politics. Addressing the growing threat of cyber-attacks from a variety of fronts with meaningful, bipartisan legislation would give the president and Congress a golden opportunity to work together in spite of the confines of divided government.
The president specifically called on Congress to pass comprehensive cybersecurity legislation that includes identity theft protection. In doing so, the President correctly highlighted that this is an issue that affects individuals as well as businesses and government institutions. We need look no further than the epidemic of data breaches last year, where stores like Target and banks like J.P. Morgan were hit with cyber-attacks, leaving their customers feeling violated and facing increased risk of fraud.
President Obama further put the country’s online foes on notice, vowing that “[n]o foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families.” When discussing the need for greater information-sharing on cyber-threats, he compared those efforts to the fight against terrorism. This is an important acknowledgement – someone who seeks to harm the American public or private infrastructure can wreak havoc with a keyboard as well as conventional weapons. It is important that these threats are taken just as seriously, no matter where they come from.
It is plainly evident that that high-impact – or at least high-visibility – attacks can come from foreign nations as well as non-state actors. The devastating hacking of Sony Pictures Entertainment has been widely attributed to North Korea, acting in retaliation for their leader Kim Jong Un’s satirical portrayal in Sony’s film The Interview. Their government – naturally – has vehemently denied responsibility, but U.S. intelligence officials appear confident in their assessment that the totalitarian “hermit kingdom” was behind the incursion.
More recently, the Twitter and YouTube accounts operated by the military’s United States Central Command (CENTCOM) came under attack by hackers apparently affiliated with the Islamic State – or ISIS – terrorist group. The Twitter page was decorated with ISIS imagery and began spewing pro-jihadist tweets which a Reuters reporter described as “terrifying.”
The problem was rectified within a matter of hours, and White House Press Secretary Josh Earnest specifically deflected any comparisons to the Sony attack, telling reporters “[t]here’s a pretty significant difference between…a large data breach and the hacking of a Twitter account.” While this statement is accurate on its face, the fact remains that an official online mouthpiece of the most powerful military in the world was compromised, apparently by our enemies or someone acting on their behalf. It shows that, simply put, no one is safe.
Governmental organizations are not the only groups whose Twitter pages have been victimized lately. Other actors appear to be targeting the media. Accounts for the New York Post and United Press International (UPI) suddenly began reporting false news stories involving, among other things, a fraudulent attack by the Chinese navy against a U.S. warship and an announcement by Pope Francis that “World War III has begun.”
These incidents make clear the case for wide-ranging cybersecurity legislation this Congress. The mission is clear. The president and Congress should commit to setting aside political differences and increasing online security for all Americans.