“In recent days, I have been encouraged to learn of growing interest in enacting a cyber incident reporting law,” Thompson said. “We look forward to trying again this year and hope we can enact cyber incident notification legislation in short order.”
ADVERTISEMENT
Katko described the lack of a national breach reporting law as a “gap.”
“Our federal agencies are often operating in the dark, instead of having access to the aggregate data regarding the tactics, techniques, and procedures of bad actors,” he said. “As we move forward, we must consider approaches to close this gap.”
The concerns come after what were likely Russian hackers compromised at least nine federal agencies and 100 private companies through infiltrating software updates at IT group SolarWinds and through other methods of attack.
SolarWinds hack required massive, sophisticated effort: Microsoft CEO - Expat Guide to Russia expatica.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from expatica.com Daily Mail and Mail on Sunday newspapers.
Microsoft disclosed the attack also compromised some of its systems. It recently concluded that while some code files for Azure, Intune, and Exchange were accessed, no customer data was compromised. At the time, Microsoft President Brad Smith called it a moment of reckoning .
To ensure hackers didn’t modify Microsoft’s code, it crafted CodeQL queries to scan code for malicious modifications. CodeQL is a semantic code-analysis engine that’s part of GitHub and can scan code for security vulnerabilities and share this data with others to help protect their code. It builds a database around the compiling code that can be queried like a normal database. It can be used for static analysis and reactive code inspection across the enterprise.
Lawmakers line up behind potential cyber breach notification legislation msn.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from msn.com Daily Mail and Mail on Sunday newspapers.
Hey, Pentagon, same 5G team! Print this article
The main lesson from Wednesday s Senate Armed Services Committee hearing on emerging technology was quite simple: The Pentagon needs to come to the table with industry.
Unfortunately, what should have been a slap on the wrist became a huge pat on the Pentagon s back. The committee did not hold the Defense Department accountable for hoarding spectrum, such as the frequencies necessary for 5G. Currently, our networks are not able to handle the imminent onslaught of 25.1 billion new Internet of Things devices. If our networks are not upgraded to 5G, their integrity will be degraded and more vulnerable to foreign cyberattacks. If the Pentagon and lawmakers on this committee continue to make 5G political, then we forfeit our leadership in the space to those who seek to cause us harm and make our nation’s security less secure. At the hearing, Microsoft President Brad Smith opened his statement by rightfully stating that innovations in