In light of what in is opinion is a new cyber threat, the chair of the U.S. House Intelligence Committee is making a last ditch push to pass controversial cybersecurity legislation before the end of the year.
"There was a very good meeting with some members of the Senate, some briefings on what appears to be a new level of threat that would target networks here from an unusual source that has some very real consequences if you are not able to deal with it," said Rep. Mike Rogers (R-Mich.) during a speech at the U.S. Chamber of Commerce today. "Because of that particular brief, I think it rekindled peoples' interest in trying to get something done here in lame duck."
When asked for more information about the new threats, Rogers wouldn't say much other than it's a country that isn't traditionally viewed as a major cyber threat.
"There are new capabilities coming online every day, so the Chinese are great at stealing information and you have other nation-states that are just developing capabilities to do attacks or denial of service, so you can imagine, our concern is nation states are developing capability to do just that beyond the normal group of [countries] that we often talk about" attacking the United States, said Rogers.
The bill would be a "rekindling" of the Cyber Intelligence Sharing and Protection Act, or CISPA.
CISPA passed in the House in April 2012 but failed to advance in the Senate amid opposition from privacy advocates such as the ACLU, the Electronic Frontier Foundation, the Mozilla Foundation (the creators of Firefox), and even Tim Berners Lee, one of the founding fathers of the Internet.
"The only bill that is bipartisan, that's passed a committee, vetted through a committee, that has had hours and hours and hours of input from end users -- the business community and government folks who are charged with the responsibility to implement it -- is this bill," said Rogers of CISPA.
The bill would allow the government to share intelligence about online threat signatures with companies and allow companies to quickly notify the government when they believe they are under attack without fear of being sued for improperly sharing customers' private information.
"Given this new round of, I would argue new threats, that maybe we can move forward and get the Senate to move a little bit," said Rogers, urging fellow lawmakers to pass information sharing legislation and push any work on bills aimed at mandating minimum cybersecurity standards for banks, utilities, transportation companies, and Internet service providers and other "critical infrastructure" providers to next year.
Congress' most recent attempt at cybersecurity legislation that contained provisions on information-sharing -- the Cybersecurity Act of 2012 (CSA) -- was shot down in August by Republican senators opposed to the minimal security standards that it required of critical infrastructure providers.
"Given the recent rounds of what I would argue are new threat information, I think at least revitalized discussions between the Senate and the House on possibilities for the way forward" for "moving a sharing portion [of legislation] during the lame duck," said Rogers.
If the information isn't shared in "real-time, it doesn't work," said Rogers after his speech.
Rogers went on to join fellow lawmakers in knocking the White House's executive order on cybersecurity that is in the works. Rogers lamented the White House's lack of outreach to Congress and the private sector in the crafting the order.
"This is a huge problem. They've taken no private sector input that we can find, they haven't taken any input [from Congress] and we've spent almost two years studying all of this problem, we've got great data, and this was a bipartisan effort...we've got reams of material, nothing," said Rogers.
Earlier this week, Sen. Susan Collins (R-Maine) co-author of CSA 2012, called the executive order a "big mistake."
Meanwhile, Rogers is pressing for the government to produce a classified and unclassified National Intelligence Estimate on the state of cyber threats worldwide.
"Hopefully we can get some solution on that early next year," said the congressman.
While Rogers wouldn't elaborate on the threat, several cybersecurity experts that Killer Apps spoke with said that he could simply be referring to Sen. Joe Liberman's (I-Ct.) claims last week that recent cyber attacks against U.S. banks may be the work of Iran.