Outgoing Intelligence chairman warns of cyber vulnerabilities
Retiring Michigan Republican Mike Rogers’ valedictory is the latest in a series of dire warnings about the need to bolster cyber defenses.
Michigan GOP Rep. Mike Rogers, who is retiring as chairman of the House Intelligence Committee, is warning of "a significant attack that has real financial consequences."
Retiring House Intelligence Committee Chairman Mike Rogers said it might take a catastrophic cyberattack on the nation's financial sector for Congress to pass an information-sharing bill that died in the lame-duck session.
"My fear is that a non-rational actor with nation-state capability is going to be able pull off a significant attack that has real financial consequences," the Michigan Republican told reporters Dec. 12. His rhetoric adds to a series of dire warnings from supporters of bolstering the nation's cyber defenses through legislation.
Rogers had championed an information-sharing bill the House passed last year but whose Senate version stalled once again this month.
Asked if the next Congress will tackle the issue of public-private information sharing, Rogers was adamant: "It has to come back next year." Rogers, who will be cheering the effort on as host of a national radio show, added that lawmakers have discussed who might lead that effort in his absence, though he offered no details.
"It's the one, quick, easy way that you can get at a big part of the problem," he said of information-sharing legislation that limits the legal liability for firms that share cyber threats with the government. He was speaking at a roundtable with reporters hosted by the Christian Science Monitor.
Rogers argued the importance of such a bill by saying that the National Security Agency currently cannot share information on malicious source code it detects on foreign networks with the private sector, leaving critical infrastructure vulnerable to attacks like the massive hack of Sony Pictures last month. Joe Demarest, assistant director of the FBI’s Cyber Division, told Congress last week that the malware used in the attack on Sony would have penetrated about 90 percent of federal network defenses.
Rogers called the Thanksgiving week hack of Sony, which lead to nearly 40 GB of company data being leaked online, a "game-changer" in its destructiveness in that it "tried to take pieces of that company down." Supporters of cybersecurity measures have hoped that whatever large-scale hack is getting headlines, whether of Target last year or of JP Morgan in June, would be that game-changer that spurs Congress to legislate.
Despite the attention that those big breaches have drawn, Rogers, a former FBI agent, said "misguided notions" from the public that they are being spied on by the NSA have undercut efforts to pass a cyber bill.
Though multiple media reports have pointed the finger at North Korea for orchestrating the Sony hack, the FBI has yet to publicly attribute the attack to Pyongyang. Rogers also declined to do that, but added that officials’ ability to attribute a cyberattack to a specific actor is improving.