(MintPress) – In the wake of numerous Anonymous hacktivist operations against the government over online privacy infringements to U.S. citizens, President Barack Obama is expected to issue an executive order today aimed at increasing the government’s ability to halt cyberattacks altogether.
His announcement will come on the same morning House Intelligence Committee Chairman Mike Rogers (R-Mich.) is expected to introduce an unchanged version of the Cyber Intelligence Sharing and Protection Act (CISPA).
CISPA failed to pass the Senate on two accounts and faced widespread criticism among civil rights activists concerned that the sharing provisions of the bill would allow the government to obtain information on citizens without a warrant, especially when working with businesses that collect private consumer information.
Obama’s version is expected to alter the relationship CISPA created among government agencies and corporations, creating a voluntary program businesses could opt into to increase cybersecurity standards to government regulations.
This is a step in the right direction for activists and civil rights groups, including the American Civil Liberties Union (ACLU), which criticized CISPA for its ability to expose the personal details of corporate technology users to the government in the name of national security.
Not all concerns have subsided, however.
“Critics of the different proposed cybersecurity measures are concerned that increased cooperation between Internet businesses and U.S. intelligence agencies could erode user privacy,” writes Edward Moyer of CNET, a technology-focussed publication. “And some have gone so far as to say that hasty regulations of things like the Denial of Service attacks used against U.S. banks could hamper legitimate forms of protest.”
CISPA controversy
“CISPA would create a loophole in all existing privacy laws, allowing companies to share Internet users’ data with the National Security Agency (NSA), part of the Department of Defense, and the biggest spy agency in the world — without any legal oversight,” the American Civil Liberties Union (ACLU) states on its website.
More than 800,000 Americans signed a petition against CISPA’s passage. And it seems their voices were heard. The bill failed twice to make it through Congress — and if it did, there was a veto threat waiting on the other end.
“The bill (also) lacks sufficient limitations on the sharing of personally identifiable information between private entities and does not contain adequate oversight or accountability measures necessary to ensure that the data is used only for appropriate purposes,” the Statement of Administration Policy regarding CISPA stated in April, 2012.
The executive order is expected to taper that oversight, in part, to include a partnership that would share cybersecurity infrastructure that focuses on protecting government and corporate programs from attack — if the government detects an attack, it would be able to share that information with corporations, and vice versa, leaving the unwarranted quest into users’ data out of it.
Legislators who favor CISPA claim this executive order will not do enough, placing the burden on companies to voluntarily fund their cybersecurity partnership with the government.
The executive order would create a voluntary program through which corporations could participate, using infrastructure that would meet the new cybersecurity standards issued by the government.
And while this is seen as a step in the right direction among privacy activists, additional legislation addressing cybersecurity for the nation’s power grids and critical infrastructure.
“We need comprehensive cybersecurity legislation,” Senior Director for Cybersecurity at the White House, Andy Ozment, said last week. “We cannot do everything under our existing authorities.”
Executive order addresses hacks
In November 2012, a copy of the the executive order draft was leaked. Its text revealed attempts to quell concerns over civil liberty violations, acknowledging the concerns CISPA exposed over privacy issues.
Section 1 of the draft specifically addresses the cyber attacks that government websites have come under, presumably the work of Hacktivist organization, Anonymous.
“Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity,” the draft states. “The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront.”
Government websites and financial institutions have been the aim recently of hacktivists who have used technology as a tool for creating awareness and protesting against government initiatives to pass legislation allegedly aimed at enhancing cyber security. On the evening of the Super Bowl, Anonymous hacked into an Alabama government website, using it to publish the information of 4,000 bank executives throughout the nation.
Early February also saw Anonymous attacks on the Federal Reserve system, interrupting the agency’s website.
“The Federal Reserve system is aware that information was obtained by exploiting a temporary vulnerability in a website vendor product,” the agency’s spokesperson told Reuters News Agency. “Exposure was fixed shortly after discovery and is no longer an issue. This incident did not affect critical operations of the Federal Reserve System.”
The U.S. Energy Department also claimed its internal system had been breached, according to CNET.
“The Department of Energy has just confirmed a recent cyber-incident that occurred in mid-January which targeted the headquarters’ network and resulted in the unauthorized disclosure of employee and contractor Personally Identifiable Information,” an email to its employees stated.
These are the very attacks the White House claims to be combatting.
Anonymous, however, continues to hack, not for the purpose of harming the people, but for the purpose of protesting legislation such as CISPA and, most recently, the Department of Justice’s treatment of Aaron Swartz, co-founder of Reddit and internet reform activist who committed suicide in the midst of a DOJ investigation into a JSTOR hack.
Anonymous has specifically linked its attack on its most recent government hacks to the treatment Swartz received at the hand of U.S. Attorney General Eric Holder, who was questioned by the Committee on Oversight and Government Reform for his handling of the Swartz case.
Swartz arrested for hacking into JSTOR, but charges were dropped after he returned the documents obtained. The DOJ then pursued the case, using heavy-handed approach to pursue Swartz.