Sen. Carper: U.S. Needs More Safeguards Against Cyber Attacks

WASHINGTON – Sen. Tom Carper (D-Del.) said today that reports of cyber attacks by North Korea are another example of why the United States needs to be better armed to fight these alarming 21st century security threats.

As chairman of the Senate Subcommittee on Federal Financial Management, Government Information, Federal Services and International Security, Sen. Carper has been pushing to increase protections against just such cyber attacks as those reported this week against U.S. and South Korean government websites.

News reports today say that in the United States, the Treasury Department, Secret Service, Federal Trade Commission and Transportation Department web sites were targeted at varying points over recent days, and sites of 11 South Korean organizations were targeted as well, in a possible coordinated nation-state sponsored attack.

Sen. Carper, in April, introduced the “United States Information and Communications Enhancement Act of 2009,” whichwould dramatically reform the way federal agencies defend their sensitive information.

The Carper bill, S. 921, would greatly improve the old Federal Information Security Management Act of 2002, and empower agency Chief Information Security Officers to focus their efforts on monitoring, detecting and preventing cyber intrusions.

“We need to pass this legislation so our federal agencies can stop spending billions of taxpayers’ dollars on wasteful paper compliance and instead invest in real security – the kind of security that prevents these types of attacks against the United States,” Sen. Carper said. “We know that in most cases, cyber criminals prey on insecure software and hardware, and my bill will provide incentives for the federal government to use its great purchasing power to demand private companies sell our agencies more secure products.”

Specifically, the legislation would enhance the power of the Department of Homeland Security’s US-CERT to take proactive actions before a cyber attack penetrates government networks.