• Home
  • News
  • Coins2Day 500
  • Tech
  • Finance
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia
TechCongress

U.S. Cyber Bill Would Shift Power From Spy Agency

By
Reuters
Reuters
Down Arrow Button Icon
By
Reuters
Reuters
Down Arrow Button Icon
May 17, 2017, 8:09 PM ET
US-POLITICS-BUDGET
The US Capitol is seen in Washington, DC, April 28, 2017. The US Congress easily passed a one-week stopgap spending bill Friday, assuring there is no embarrassing government shutdown on the 100th day of Donald Trump's presidency. After weeks of tense negotiations over federal spending, the measure sailed through the House and Senate just hours before a midnight deadline. The bill extends current funding levels until May 5, giving lawmakers in the Republican-controlled Congress one week of breathing room to hash out a measure that funds government operations through September, when the fiscal year ends. / AFP PHOTO / SAUL LOEB (Photo credit should read SAUL LOEB/AFP/Getty Images)Saul Loeb—AFP/Getty Images

A bill proposed in Congress on Wednesday would require the U.S. National Security Agency to inform representatives of other government agencies about security holes it finds in software like the one that allowed last week’s “ransomware” attacks.

Under former President Barack Obama, the government created a similar inter-agency review, but it was not required by law and was administered by the NSA itself.

The new bill would mandate a review when a government agency discovers a security hole in a computer product and does not want to alert the manufacturer because it hopes to use the flaw to spy on rivals. It also calls for the review process to be chaired by the defense-oriented Department of Homeland Security rather than the NSA, which spends 90% of its budget on offensive capabilities and spying.

Republican Senator Ron Johnson of Wisconsin and Democratic Senator Brian Schatz of Hawaii introduced the legislation in the U.S. Senate Homeland Security and Governmental Affairs Committee.

Et Data Sheet, Coins2Day’s technology newsletter.

“Striking the balance between U.S. National security and general cyber security is critical, but it’s not easy,” said Senator Schatz in a statement. “This bill strikes that balance.”

Tech companies have long criticized the practice of withholding information about software flaws so they can be used by government intelligence agencies for attacks.

Hackers attacked 200,000 in more than 150 countries last week using a Microsoft Windows software vulnerability that had been developed by the NSA and later leaked online.

Microsoft president Brad Smith harshly criticized government practices on security flaws in the wake of the ransomware attacks. “Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage,” Smith wrote in a blog post.

Agencies like the NSA often have greater incentives to exploit any security holes they find for spying, instead of helping companies protect customers, cyber security experts say.

“Do you get to listen to the Chinese politburo chatting and get credit from the president?” Said Richard Clayton a cyber-security researcher at the University of Cambridge. “Or do you notify the public to help defend everyone else and get less kudos?”

Susan Landau, a cyber security policy expert at Worcester Polytechnic Institute, said that in putting DHS in charge of the process, the new bill was an effort to put the process “into civilian control.”

The new committee’s meetings would still be secret. But once a year it would issue a public version of a secret annual report.

The NSA did not immediately respond to a request for comment.

About the Author
By Reuters
See full bioRight Arrow Button Icon
Rankings
  • 100 Best Companies
  • Coins2Day 500
  • Global 500
  • Coins2Day 500 Europe
  • Most Powerful Women
  • Future 50
  • World’s Most Admired Companies
  • See All Rankings
Sections
  • Finance
  • Leadership
  • Success
  • Tech
  • Asia
  • Europe
  • Environment
  • Coins2Day Crypto
  • Health
  • Retail
  • Lifestyle
  • Politics
  • Newsletters
  • Magazine
  • Features
  • Commentary
  • Mpw
  • CEO Initiative
  • Conferences
  • Personal Finance
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Coins2Day Brand Studio
  • Coins2Day Analytics
  • Coins2Day Conferences
  • Business Development
About Us
  • About Us
  • Editorial Calendar
  • Press Center
  • Work At Coins2Day
  • Diversity And Inclusion
  • Terms And Conditions
  • Site Map

© 2025 Coins2Day Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Coins2Day Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.