Congress Seeks To Outlaw Cyber Intel Sharing With Russia

Trailrunner7 shares a report from On the Wire: A group of House Democrats has introduced a bill that would formalize a policy of the United States not sharing cyber intelligence with Russia. The proposed law is a direct response to comments President Donald Trump made earlier this week after he met with Russian President Vladimir Putin. After the meeting, Trump said on Twitter that he and Putin had discussed forming an "impenetrable Cyber Security unit" to prevent future attacks, including election hacking. The idea was roundly criticized by security and foreign policy experts and within a few hours Trump walked it back, saying it was just an idea and couldn't actually happen. But some legislators are not taking the idea of information sharing with Russia as a hypothetical. On Wednesday, Rep. Ted Lieu (D-Calif.), Rep. Brendan Boyle (D-Pa.), and Rep. Ruben Gallego (D-Ariz.) introduced the No Cyber Cooperation With Russia Act to ensure that the U.S. doesn't hand over any cybersecurity intelligence on attacks or vulnerabilities to Moscow. Recent attacks such as the NotPetya malware outbreak have been linked to Russia, as have the various attacks surrounding the 2016 presidential election. "When the Russians get their hands on cyber intelligence, they exploit it -- as they did last month with the NotPetya malware attack targeting Ukraine and the West. It is a sad state of affairs when Congress needs to prohibit this type of information sharing with an adversary, but since we apparently do, I am proud to introduce the No Cyber Cooperation with Russia Act with my friends Brendan Boyle and Ruben Gallego. I urge my colleagues across the aisle to join us in sending a clear message that Congress will not stand for this proposal to undermine U.S. national security," Lieu said in a statement.

No Cyber Cooperation

[AHuxley]

So the world is now safe for spam, malware and
Equation Group https://en.wikipedia.org/wiki/...
Stuxnet https://en.wikipedia.org/wiki/...
Want some more Magic Lantern with vendor cooperation?
https://en.wikipedia.org/wiki/...
Thats why a global understanding of what is trying to enter, stay on and communicate from systems and networks is so vital.
Malware is often very different to normal OS functions and the more nations and skilled people looking for such changes the better.

I see a problem with this?

[Zombie+Ryushu]

Does this mean they can prosecute Open Source programmers and security experts for publishing Security vulnerabilities to Bugzilla, or LinuxSecurity.com?

Re:I see a problem with this?

[AHuxley]

Re "prosecute Open Source programmers and security experts for publishing" A Russian company publishes a good quality security report.
Could a company in the US use that data directly to secure their networks more quickly?
Have to wait for another nation to republish that information and then act on that much later?
Or would a US company have to detect the same security issue on their own and then rediscover what was in public?
No direct use of any Russian security information or quoting the direct results of a first hop of Russian information?
How many hops from Russia until information is just information again?
Comments on any Russian related product, network, service, research, finding or science is still directly "supporting" Russia in some way?
Security research around the world would slow as lawyers get invited in to help. Spam and malware would be able to spread in the legal confusion.
Experts have to stay in the US or Russia or avoid the USA and Russia so they can keep working around the world on security matters?

How many friends of friends to avoid the US cyber sanctions?

Re:I see a problem with this?

[guises]

Yeah, I got the gist of what you were saying in your comment above. I'm expecting this to be a law about what government agencies are allowed to do, and nothing to do with the population at large. If you're really worried about this then you can look up the text of the bill, it shouldn't be too hard to find.

That's even assuming that this ever gets passed though, and I can't imagine that happening.

Summary is incorrect,

[bongey]

The bill is trying to cut funding to a russia/us cyber security group in the future, that doesn't even exist. It would be unconstitutional from the legislative branch to prevent executive from sharing information for national defense. Better summary directly from politicians http://dearcolleague.us/2017/0... and the text https://www.congress.gov/bill/...

Smug

[geekymachoman]

> When the Russians get their hands on cyber intelligence, they exploit it

As opposed to Americans, who handle information in a way that benefit the greater good ? (/Sarcasm) (Do i really need to provide links ?)

Get off your moral high horse already. You don't want to cooperate with anyone, you want to do things that are in your own interests, and get whoever you can to support your own interests (read: spineless Europeans vassal states). Cooperating with Russia would undermine common American interests and hence it's not good for America, because the Russians, have their own interests.

Has nothing to do with the already stupidly boring narrative "Russians are Evil" that is constantly being rammed into minds of commoners through the popular media channels. By the way, if you going to talk evil, talk about your own politicians and foreign policies that turn at least one country to dust and cause 50 years of political instability in the region every ~ 10 years. I see more evil committed by USG than in Stalin's wildest dreams. You just pack it better, hollywood style, a polished turd for ready for people to eat up and feel better about themselves at next election.

Freakin' hypocrites, the lot of you.