Image
© kaltoons.com
The White House is concerned about the government's "ability to protect citizens" if this bill were to be signed into law

Members of the U.S. House intelligence committee have proposed a bill that would allow private firms to receive cyber threat-related information from government agencies such as the National Security Agency (NSA).

The legislation was proposed Wednesday by Representative Mike Rogers, Republican chairman of the U.S. House intelligence committee, and Representative C.A. "Dutch" Ruppersberger, the committee's senior Democrat.

The bill intends to allow the sharing of classified threat information with defense contractors and internet service providers (ISPs). This would require spy and intelligence agencies to tell ISPs, for example, what types of threats they've identified so that the ISPs can block traffic that contains that particular signature.

In addition, the bill would protect firms who relay cyber threat information to the government from "frivolous" lawsuits.

This bill addresses complaints from ISPs and other private firms regarding the government's lack of information about cyber threats, even though the private sector has informed the government about such threats.

Over the past year alone, many companies and government entities have been hit by cyber attacks such as U.S. defense contractor Lockheed Martin Corp., Citigroup, the Pentagon, and Google.

"Our intelligence agencies collect important information overseas about advanced foreign cyber threats that could dramatically assist the private sector," said Rogers. "The government needs to be able to share this threat intelligence so that the private sector can protect its own networks.

"We will have a catastrophic attack within the next year, whether it's attacking a banking system, a grid system, this is going to happen and we have to make sure that we protect ourselves."

The White House is currently reviewing the bill. It cited concerns about the government's "ability to protect citizens" if this bill were to be signed into law because sensitive information would be released and could land into the wrong hands. This could potentially hold corporations accountable.

The new bill echoes the ideas of former CIA/NSA head Michael Hayden, who said that cyber security threats are "horribly over-classified" back in October.