He told us he had one last major goal.
As the chairman of the Homeland Security and Governmental Affairs Committee, he was pushing for passage of the Cybersecurity Act of 2012. The comprehensive legislation was aimed at setting cybersecurity performance requirements to better protect governmental agencies, including defense, from hackers bent on doing the nation harm. It also would have required industries and government agencies to share information about cyberthreats and addressing them.
"The question is whether we will confront this existential threat before it happens," Lieberman said on the Senate floor.
Confronted with opposition from the private sector, which feared it would require industries to share too much, and with other lawmakers failing to share Lieberman's urgency, the legislation was not enacted. And in the eight years since, successive Congresses have remained unserious about the cybersecurity threat. President Obama's calls for action went largely unheeded and it has not been a high priority for the administration of President Trump.
Fast forward to today. The country is confronting the troubling news that Russian intelligence agencies have for months been infiltrating the computer networks of numerous governmental agencies. The Cybersecurity and Infrastructure Security Agency called it "a grave risk to the federal government."
Pentagon, Treasury and Commerce department systems were among those compromised. The Energy Department and its National Nuclear Security Administration, which maintains the American nuclear stockpile, was also compromised.
Understandably, given the national security implications, no details are being provided as to exactly what was accessed, what the implications are, and how vulnerable the systems remain. The hackers certainly took the opportunity to build back-door channels to provide future access, experts say.
Meanwhile, the New York Times reports that Microsoft had identified 40 companies — "at a minimum" — and think tanks that the suspected Russian hackers had also infiltrated. Many are private technology firms, hired to assure the protection of their clients' data.
This was an attack. Surely damage has been done, security compromised, and the ability of Russia to meddle and sabotage — or provide that means to U.S. adversaries — has been enhanced.
The Trump administration reacted with a shrug. As of Friday, the president had said nothing about it.
Worse yet, Trump continued his threat to veto the military spending bill which, finally, does include some serious provisions that could help protect from such threats. Among its many stipulations, it authorizes the government to hunt for foreign hackers, mandates coordination among agencies on cyberdefenses, and creates the position of national cyberdirector.
"This is the most important cyberlegislation ever passed by the U.S. Congress," said Sen. Angus King, the Maine independent who headed the bipartisan Cyberspace Solarium Commission that produced the recommendations incorporated into the defense bill.
It is one more reason Trump should end his misguided threat to veto the bill over his desire for some unrelated legislation — the withdrawal of a law that now shields social media companies from lawsuits charging slander.
Even if the added protections end up passing along with the military spending bill, more will need to be done, including allowing the government to join in the search for threats on some private networks and mandating the level of cooperation Lieberman long ago sought.
Meanwhile, President-elect Joe Biden, said this: "My administration will make cybersecurity a top priority at every level of government — and we will make dealing with this breach a top priority from the moment we take office."
Another Joe will be glad to hear it.
The Day editorial board meets regularly with political, business and community leaders and convenes weekly to formulate editorial viewpoints. It is composed of President and Publisher Tim Dwyer, Editorial Page Editor Paul Choiniere, Managing Editor Tim Cotter, Staff Writer Julia Bergman and retired deputy managing editor Lisa McGinley. However, only the publisher and editorial page editor are responsible for developing the editorial opinions. The board operates independently from the Day newsroom.
(c)2020 The Day, Distributed by Tribune Content Agency, LLC.
