Advertisement

House passes deterrence bill that would call out nation-state hackers

A bipartisan bill, sponsored by Rep. Ted Yoho, is aimed at deterring foreign governments from conducting operations against U.S. critical infrastructure.
Rep. Ted Yoho speaks at the 2013 Young Americans for Liberty National Convention at George Mason University in Arlington, Va. (Gage Skidmore, Flickr)

The House of Representatives on Wednesday passed a bipartisan bill aimed at deterring foreign governments from conducting hacking operations against U.S. critical infrastructure.

The Cyber Deterrence and Response Act put forth by Rep. Ted Yoho, R-Fla., calls on the president to identify individuals and organizations engaged in state-sponsored hacking that significantly threatens U.S. interests, and then to impose one or more of a slew of sanctions on them.

That “naming and shaming” approach is an effort to ward off future cyberattacks from China, Russia, Iran, and North Korea — four countries that U.S. officials routinely label as top adversaries in cyberspace.

The bill, which passed the House by voice vote, also calls for a uniform list of foreign hacking groups to be published on the Federal Register. Sen. Cory Gardner, R-Colo., last month introduced companion legislation in the Senate.

Advertisement

“Our foreign adversaries have developed sophisticated cyber capabilities that disrupt our networks, threaten our critical infrastructure, harm our economy, and undermine our elections,” Yoho said in a statement. “Collectively, we must do more to combat this digital menace.”

Rep. Jim Langevin, D-R.I., co-founder of the Congressional Cybersecurity Caucus, said the bill is an “important step forward in recognizing that cyberthreats are the new weapon of choice for states who seek to sow discord and engage in conflict below the threshold of war.”

Lawmakers have long urged the executive branch to delineate a cyber deterrence strategy after high-profile breaches of the Office of Personnel Management in 2015 and the Democratic National Committee in 2016.

In response to the demand for a deterrence strategy, the State Department in May recommended that the U.S. government develop a broader set of consequences that can be imposed on adversaries to deter cyberattacks.

Washington should work with allies to inflict “swift, costly, and transparent consequences” on foreign governments that use “significant” malicious cyber activity to harm U.S. interests, the unclassified version of the State Department report says.

Advertisement

Officials such as Vice President Mike Pence and Homeland Secretary Kirstjen Nielsen have touted the administration’s efforts to crack down on foreign hackers. “[T]his administration is replacing complacency with consequences, replacing nations’ deniability with accountability,” Nielsen said in a speech Wednesday.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts