Privacy & Security

After WannaCry, Senators float bill to stop US cyber weapon stockpiling

Leaked NSA tools led to a global hacking, and legislators don’t want that to happen again.
By Jessica Davis
May 18, 2017
11:14 AM

A bipartisan group of Senators introduced a bill Wednesday that seeks to prevent another massive data leak of government-owned hacking tools like the one used in the weekend’s WannaCry ransomware campaign.

The Protecting Our Ability to Counter Hacking Act would force the U.S. government to turn over these hacking tools to an independent review board that would determine the vulnerabilities that need to be secured.

The bill also aims to make public more of these system vulnerabilities so organizations can fix it.

[Also: Senate bill requires NIST to write cybersecurity guidance for small businesses]

The hope is that it would reduce the stockpile of zero-day exploits and prevent the data from being leaked to hackers again. The cybercriminal group Shadow Brokers currently have a cache of these U.S. National Security Agency weapons and are threatening a monthly release. The NSA uses these tools for surveillance and gathering intelligence.

“Striking the balance between U.S. national security and general cybersecurity is critical, but it’s not easy,” Sen. Brian Schatz, D-Hawaii, who introduced the bill, said in a statement. “This bill strikes that balance.”

The bill will codify a framework for government agencies while ensuring it has the needed tools essential to national security, Schatz said.

[Also: WannaCry highlights worst nightmare in medical device security]

“The continued threat of cyberattacks means that we need to combine public and private efforts to maintain the security of America’s networks and information,” Sen. Ron Johnson, R-Wisconsin, said in a statement. “It’s essential that government agencies make zero-day vulnerabilities known to vendors whenever possible.”

PATCH was also sponsored by Sen. Corey Gardner, R-Colorado, Rep. Ted Lieu, D-California, and Rep. Blake Farenthold, R-Texas. It has support from cybersecurity experts and advocacy groups that include McAfee, Mozilla, The Information Technology and Innovation Foundation and New America’s Open Technology Institute -- among others.

The legislation comes on the heels of the WannaCry attack that pummeled Europe, Russia and China over the weekend, including 20 percent of the U.K. National Health Service. WannaCry is thought to be part of the NSA cache of cyber weapons and exploits.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn

Topics: 
Privacy & Security

More regional news

VA building signage

House passes veterans healthcare package without RESET Act

By
Andrea Fox
November 21, 2024
David Miles of Oklahoma Heart Hospital

Deep dive: A tour of all-digital Oklahoma Heart Hospital, where automation is the norm

By
Bill Siwicki
November 21, 2024
Healthcare workers looking at X-ray images on monitors

Streamlining healthcare operations with multicloud-by-design

November 21, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

VA building signage
House passes veterans healthcare package without RESET Act

Most Read

Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
ASTP intros 2024 draft Federal FHIR Action Plan
CrowdStrike all but assures Capitol Hill: Never again
Korea's largest hospital bags APAC's first Stage 6 of new INFRAM
Sens. Warner & Wyden seek healthcare cybersecurity mandates in new bill

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care
Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards

More Stories

BJ Schaknowski of symplr
Too many IT systems with limited alignment impacts care quality
Doctor in scrubs using computer
Tenet to deploy AI platform across its physician network
Healthcare CIO with other healthcare executives
Health system CIOs' strategic responsibilities continue to evolve
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards
Clinicians look at diagnostic imaging
American College of Radiology launches AI quality registry
A doctor with glasses sits at a desk and speaks during a telehealth visit.
DEA and HHS extend virtual prescribing for controlled substances through 2025
Dr. Jay Anders at Medicomp Systems_Computer chip with stethoscope Photo by Just_Super/iStock/Getty Images Plus
Transparency and responsible AI are crucial for medical devices
George Pappas of Intraprise Health on cybersecurity
How to protect telemedicine from cyberattacks