Obama Calls for New Laws to Bolster Cybersecurity
WASHINGTON — President Obama on Tuesday called on Congress to pass broad legislation to bolster cybersecurity across the United States government and private industry, working to capitalize on concern about recent high-profile computer breaches to counter an escalating threat.
Mr. Obama’s proposal, which would be subject to approval by Congress, would increase the prosecution of crimes conducted through computer networks and toughen penalties for them.
It would also shield from liability companies that share information with the government about computer threats, a key point of contention that has hamstrung the president’s past efforts to push through cybersecurity improvements.
“Neither government nor the private sector can defend the nation alone,” the president said Tuesday afternoon during a visit to the National Cybersecurity and Communications Integration Center in Arlington, Va. “It’s going to have to be a shared mission — government and industry working hand in hand.”
The plan is one in a series of technology- and privacy-related proposals Mr. Obama is unveiling in advance of his State of the Union address next Tuesday. Mr. Obama will travel to Iowa on Wednesday to announce steps to expand access to high-speed broadband Internet access to underserved areas.
The new cybersecurity effort came a day after Mr. Obama called for legislation to force American companies to be more forthcoming when credit card data and other consumer information are lost in an online breach like the kind that hit Sony Pictures, Target and Home Depot last year.
“We want cybercriminals to feel the full force of American justice, because they are doing as much damage — if not more, these days — as folks who are involved in more conventional crime,” he said on Tuesday.
Concern about cybersecurity has increased after the hacking of Sony in December, which the United States government says was the work of the North Korean government. The president said that breach and a Monday attack on the United States Central Command’s Twitter account proved the need for an overhaul.
“It just goes to show how much more work we need to do, both public and private sector, to strengthen our cybersecurity to make sure that families’ bank accounts are safe, to make sure that our public infrastructure is safe,” Mr. Obama said at the White House at the start of a meeting with congressional leaders before he detailed his new plan.
Mr. Obama has tried for three years to persuade Congress to pass a cybersecurity bill. On Tuesday, he listed the issue among those where he thought he could find common ground with Republicans.
“I think we agree that this is an area where we can work hard together and get some legislation done,” Mr. Obama said as he opened that meeting.
The cybersecurity measure Mr. Obama envisions would encourage companies to share threat information — such as Internet Protocol addresses, date and time stamps, and routing information — with the Department of Homeland Security, which would swiftly pass it on to other government agencies and industry groups voluntarily formed to share such material. Companies would get “targeted liability protection” for doing so, the White House said, as long as they took steps to protect consumers’ personal information.
Mr. Obama also called for law enforcement tools to combat cybercrime, including to prosecute the sale of botnets, computer networks created to carry out cybercrime, and to give courts power to shut down those involved in denial of service attacks and other fraudulent activities.
As part of the push, the White House announced that Mr. Obama will attend a summit meeting on Feb. 13 at Stanford University that will bring together government officials, business executives, law enforcement officials and public interest advocates to talk about cybersecurity and consumer protection.