Congress Struggles to Respond to Hacking Attacks

Posted July 13, 2015 at 1:24pm

A major reason why it will be difficult for law enforcement agents to convince Congress technology firms should weaken their encryption is that encryption is the key to stopping hackers.

Congress is struggling with how to respond to the news that hackers were able to access the personal information of more than 22 million Americans held by the White House’s Office of Personnel Management. OPM Director Katherine Archuleta resigned over the breach.

That follows hacks of company servers at Target and Home Depot, in which millions of customer records were pilfered, and a cyberattack on Sony Pictures Entertainment that destroyed computers and revealed sensitive employee records.

China is suspected of the OPM attack, so the threat from hacking isn’t only one of cyber-theft, it’s also a national security matter. Earlier this month, a group of leading security experts released a paper arguing that weakened encryption would enable more hacking. And at a Senate Judiciary Committee hearing on June 8, Democrat Al Franken of Minnesota said the needs of law enforcement to access encrypted data must be weighed against the possibility that weaker encryption will enable more theft of consumer data by hackers, as well as cyberattacks on critical infrastructure.

“With each new story about a cyberattack or breaches, Americans learn more about just how significant a security interest that we have in strong encryption,” he said.

But law enforcement officers do not believe it is impossible to have encryption that can both deter hackers and allow law enforcement access. “Maybe this is too hard, but given the stakes, given the importance of security on Internet and public safety for the good folks of this country, we gotta give it a shot,” FBI Director James B. Comey said.