House lawmakers have introduced a bipartisan resolution calling on the federal government to develop and adopt a "comprehensive" cybersecurity policy that defines cyber war.
The resolution, introduced by Reps. Dutch Ruppersberger (D-Md.) and Scott Taylor (R-Va.) on Thursday, asks for a policy “that clearly defines acts of aggression, acts of war, and other related events in cyberspace, including any commensurate responses to any such act or event in cyberspace.”
The resolution cites nine “mega-breaches” that affected the U.S. in 2015, including the one at the Office of Personnel Management (OPM) in which Chinese hackers had access to the personal information of more than 20 million Americans. After the OPM breach, former President Barack ObamaBarack ObamaTrump will ramp up action on executive orders this week: reports French election: Le Pen, Macron will face off Congress must delay ObamaCare's health insurance tax immediately MORE and Chinese President Xi Jinping came to an agreement to tamper down the digital theft of intellectual property. Experts have observed that the agreement was followed by a decrease in Chinese cyber intrusions on U.S. interests.
Lawmakers have been grappling with how to define an act of war in cyberspace as nation states increasingly use cyber to achieve their strategic objectives. Annual defense policy legislation passed in December directs the Trump administration to spell out within a year what behaviors in cyberspace may warrant a military response.
“It’s about time we recognize that cyberspace is the battlefield of the 21st century,” Ruppersberger said in a statement.
“Every day, terrorists, organized criminals even state actors such as Iran and North Korea are honing their cyber skills, threatening our critical infrastructure, safety and economy. It’s not ‘if’ an attack occurs––but when––and we must have a clear and comprehensive cyber strategy in place when that day arrives," he said.
Taylor called for the U.S. to be "a world leader" on cybersecurity, saying, “Our nation must keep up with the ever-changing landscape to protect our citizens, our critical infrastructure, and our nation from being put at risk or attacked.”
The new administration has said it will make cybersecurity a priority, including by holding individual agencies and departments accountable for protecting their networks and tracking their implementation of cybersecurity framework.
President Trump was expected to sign an executive order on cybersecurity in January that was abruptly delayed, and the updated order has not yet been released.