President Obama will release an executive order aimed at enhancing the nation’s ability to defend against electronic attacks as early as Wednesday, sources confirm to Fox News.
The long-anticipated order, which comes amid growing concerns over the nation’s vulnerability to cyberattacks, will direct federal agencies to share information about cyberthreats with companies operating critical infrastructure.
The draft order, which has been revised several times over the past few months, would put the Department of Homeland Security in charge of organizing an information-sharing network that rapidly distributes sanitized summaries of top-secret intelligence reports about known cyberthreats that identify a specific target. With these warnings, known as tear lines, the owners and operators of essential U.S. businesses would be better able to block potential attackers from gaining access to their computer systems.
An organized, broad-based approach for sharing cyberthreat information gathered by the government is widely viewed as essential for any plan to protect U.S. computer networks from foreign nations, terrorist groups and hackers. Existing efforts to exchange information are narrowly focused on specific industries, such as the finance sector, and have had varying degrees of success.
Yet a draft of the order obtained by AP has generated stiff opposition from Republicans on Capitol Hill who view it as a unilateral move that bypasses the legislative authority held by Congress.
Administration officials said the order became necessary after Congress failed last summer to pass cybersecurity legislation, leaving critical infrastructure companies vulnerable to a serious and growing threat. Conflicting bills passed separately by the House and Senate included information-sharing provisions. But efforts to get a final measure through both chambers collapsed over the GOP’s concerns that the Senate bill would expand the federal government’s regulatory power and increase costs for businesses.
House Intelligence Committee Chairman Rep. Mike Rogers, R-Mich., said Sunday that 95 percent of private sector networks are vulnerable and most have already been hit.
Some estimates put the value of information hacked from private companies and public agencies at up to $400 billion a year. But many companies are reluctant to admit they’ve been attacked to keep a competitive edge and avoid reactions from shareholders.
Appearing on CBS’ “Face the Nation,” Rogers said that the U.S. government has, essentially “set up lawn chairs, told the burglars where the silver is … and opened the case of beer and watched them do it.”
He indicated that legislation to shore up the nation’s cyberdefenses could be introduced again as early as this week.
The White House has acknowledged that an order from the president, while legally binding, is not enough. Legislation is needed to make other changes to improve the country’s digital defenses. An executive order, for example, cannot offer a company protection from liabilities that might result from a cyberattack on its systems.
The Associated Press and Reuters contributed to his report.