Wednesday, September 29, 2010

Lawmakers pushing legislation to boost national security on online messaging

Recent developments in Congress could lead the government to sacrifice certain privacy standards of internet users in the United States as part of the effort to reduce cyber crime threats facing large businesses and federal agencies.

National security officials and federal law enforcement authorities have been trying to push Congress to pass legislation giving them more access to internet communications. The initiative includes more modern web interactions, such as social networking sites, peer-to-peer messaging sites and BlackBerry messages. According to James Dempsey, vice president of internet policy group the Center for Democracy and Technology, such laws could completely revolutionize internet security and privacy in the country.

"They are really asking for the authority to redesign services that take advantage of the unique, and now pervasive, architecture of the internet," he told the New York Times. "They basically want to turn back the clock and make internet services function the way that the telephone system used to function."

The mandates might soon be a reality, as well. According to the New York Times, the Obama administration plans to submit a bill next year, allowing federal law enforcement and national security authorities to intercept any form of online communication and unscramble encrypted messages if passed.

"We're talking about lawfully authorized intercepts," Valerie Caproni, general counsel for the Federal Bureau of Investigation, told the news provider. "We're not talking expanding authority. We're talking about preserving our ability to execute our existing authority in order to protect the public safety and national security."

The recent federal push may be a result of mounting online security threats, some of which originate from organized crime and conflicting governments, that the federal government has struggled to defend against. For example, Tony Sager, chief of the vulnerability analysis and operations group at the National Security Agency, spoke at a recent government cybersecurity conference about the changes the federal government needs to make to keep pace with emerging threats from cyber criminals.

"Spending 90 percent of the money on things like hygiene and patching is all wrong," Sager said at the federal government's annual Security Automation Conference, according to InformationWeek. "You have to solve the problem at the enterprise level, at the best practices, at the configuration management level. The future of cyber-defense is really about information management."

These changes, according to Sager, should come as a result of recent spikes in federal data loss at the hands of cyber criminals.

"Think about the trouble ticketing system or the licensing system, for example," he said. "If VMs are crashing at a much higher rate than they were last month or obscure versions of programs are being run, might that indicate that something is going on?"

Additionally, as a recent Cisco study projected the number of global internet users to reach 5 million by 2025, government regulations may need to change during the next 15 years to boost security throughout rapidly expanding global networks.