recommended reading

Congress Questions Software Bug Hoarding, WannaCry Patches and Modern Pirates

Orhan Cam/Shutterstock.com

Congressional efforts to update and generally catch federal IT up with the times moved along this week, including a bill that could change the way the government determines whether it should use software bugs for spying.

The big one, the Modernizing Government Technology Act, easily passed the House Wednesday and awaits some love from the Senate. The bill would create two funding sources for updating old systems: a $500 million central fund and agency-specific capital funds to stash savings from other modernization projects.

Two other bills Wednesday cleared the Senate Homeland Security and Governmental Affairs Committee. The Federal Agency Customer Experience Act would simplify the process agencies go through to solicit feedback about their customer service and rollback requirements agencies have to meet to gather voluntary feedback from citizens and customers.

Sens. James Lankford, R-Okla., and Claire McCaskill, D-Mo., Wednesday, introduced the legislation last week, citing the government’s poor customer service ratings compared to private sector companies. A floor vote has not yet been scheduled.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

The committee also ordered the OPEN Government Data—or Open, Public, Electronic and Necessary Government Data—Act be reported favorably without amendment during a markup meeting. The bipartisan bill would direct agencies to share their data with the public in an easily downloadable, searchable way and also require agencies to establish indexes of the data they publish. The Senate had unanimously passed the bill in 2016.

And then there’s the Protecting our Ability To Counter Hacking, or PATCH, Act, which tackles the government’s not very transparent way it determines whether the government should hold on the software bugs it discovers for intel purposes or to disclose them to companies so patches could be issued. The bill is an effort to balance “national security and general cybersecurity,” Sen. Brian Schatz, D-Hawaii, part of a group that introduced the bill, said in a statement.

Hackers WannaCry, Dems WannaWrite

Sen. Mark Warner, D-Va., wants to know what steps the federal government took to ensure all its computer systems were patched against the WannaCry ransomware attack that pummeled nations around the globe last week, according to a letter sent Monday to leaders at the Homeland Security Department and Office of Management and Budget. Warner’s letter also queried DHS about outreach on WannaCry to critical infrastructure providers.

Two ranking Democrats on House Homeland Security panels sent a letter to Rep. John Ratcliffe, R-Texas, chairman of the committee’s cyber panel Tuesday, urging a hearing examining the cyber resilience of U.S. hospitals and emergency services in the wake of the attack.

Cyber Training Bill Passes House

A bill passed Tuesday by the House would put the power of legislation behind the Secret Service’s National Computer Forensics Institute in Hoover, Alabama, a cybersecurity training center. The center has trained more than 6,000 state and local official, according to a press release from bill sponsor. Rep. John Ratcliffe, R-Texas. Senate Judiciary Chairman Chuck Grassley, R-Iowa, and ranking member Dianne Feinstein, D-Calif., have introduced companion legislation in the Senate.

Shiver Me Servers

Sen. Ben Sasse, R-Neb., meanwhile weighed in Tuesday on a Hollywood Reporter scoop that hackers are threatening to release a Disney film—that just might be “Pirates of the Caribbean: Dead Men Tell No Tales”—unless they’re paid a huge sum in bitcoin. “Digital hostage taking by these modern pirates will grow more frequent and the stakes will escalate” Sasse wrote, lamenting that “government and industry should be bringing urgency to the table, but few in Washington are paying attention.”

$6 Million Tab for Small Business Cyber Bill

A House bill that directs the government’s cybersecurity standards agency to provide additional resources to small businesses would cost $6 million over four years, according to a Friday score from the Congressional Budget Office. That’s the same score CBO gave to a Senate version of the bill earlier this month. Both estimates include $2 million to create the resources in year one and $4 million to keep them updated for the following three years.

Coming Up

Congress will hit interesting tech topics hard Tuesday. It kicks off 10 a.m. with former CIA Director John Brennan testifying Tuesday in an open hearing about Russian activities during the 2016 presidential campaign to the House Select Committee on Intelligence.

Also Tuesday morning, the House Digital Commerce and Consumer Protection subcommittee explores what it will take for drones to deliver pizza, coffee or whatever with testimony from industry representatives, including drone startup Flirtey, as part of its Disrupter series.

In the afternoon, a 2 p.m. joint hearing with the House oversight IT and Ways and Means Social Security subcommittees will dig into how federal agencies use Social Security numbers and perhaps reduce using them as a way to decrease identity theft. The Senate Armed Services cyber subcommittee digs into the cyber stance of each of the military services at 2:30 p.m. with the House Armed Services subcommittee digs into U.S. Cyber Command’s budget for the Cyber Mission Force at 3:30 p.m.

On Wednesday, the Budget Committee digs into the president’s budget and most committees dive into their agencies’ slice, including the General Services Administration at 10 a.m. and DHS at 10:30 a.m. The Senate Judiciary Crime and Terrorism subcommittee discusses law enforcement access to data stored internationally and cooperation efforts at 2:30 p.m.

Mohana Ravindranath, Frank Konkel, Heather Kuldell and Joseph Marks contributed to this report.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.