[Congressional Record Volume 153, Number 156 (Tuesday, October 16, 2007)]
[House]
[Pages H11609-H11612]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




                              {time}  1830
 SUPPORTING THE GOALS AND IDEALS OF NATIONAL CYBER SECURITY AWARENESS 
                                 MONTH

  Mr. LAMPSON. Mr. Speaker, I move to suspend the rules and agree to 
the resolution (H. Res. 716) expressing the sense of Congress with 
respect to raising awareness and enhancing the state of computer 
security in the United States, and supporting the goals and ideals of 
National Cyber Security Awareness Month.
  The Clerk read the title of the resolution.
  The text of the resolution is as follows:

                              H. Res. 716

       Whereas more than 200,000,000 American adults use the 
     Internet in the United States, 70 percent of whom connect 
     through broadband connections, to communicate with family and 
     friends, manage finances and pay bills, access educational 
     opportunities, shop at home, participate in online 
     entertainment and games, and stay informed of news and 
     current events;
       Whereas United States small businesses, which represent 
     more than 99 percent of all United States employers and 
     employ more than 50 percent of the private workforce, 
     increasingly rely on the Internet to manage their businesses, 
     expand their customer reach, and enhance their connection 
     with their supply chain;
       Whereas nearly 100 percent of public schools in the United 
     States have Internet access, with a significant percentage of 
     instructional rooms connected to the Internet to enhance 
     children's education by providing access to educational 
     online content and encouraging self-initiative to discover 
     research resources;
       Whereas almost 9 in 10 teenagers between the ages of 12 and 
     17, or approximately 87 percent of all youth, use the 
     Internet;
       Whereas the number of children who connect to the Internet 
     at school continues to rise, and teaching children of all 
     ages to become good cyber-citizens through safe, secure, and 
     ethical online behaviors and practices is essential to 
     protect their computer systems and potentially their physical 
     safety;
       Whereas the growth and popularity of social networking 
     websites has attracted millions of teenagers, providing 
     access to a range of valuable services, making it all the 
     more important to teach teenaged users how to avoid potential 
     threats like cyber bullies, predators, and identity thieves 
     they may come across while using such services;
       Whereas cyber security is a critical part of the Nation's 
     overall homeland security;
       Whereas the Nation's critical infrastructures rely on the 
     secure and reliable operation of information networks to 
     support the Nation's financial services, energy, 
     telecommunications, transportation, health care, and 
     emergency response systems;
       Whereas cyber attacks have been attempted against the 
     Nation and the United States economy, and the Department of 
     Homeland Security's mission includes securing the homeland 
     against cyber terrorism and other attacks;
       Whereas Internet users and information infrastructure 
     holders face an increasing threat of malicious attacks 
     through viruses, worms, Trojans, and unwanted programs such 
     as spyware, adware, hacking tools, and password stealers, 
     that are frequent and fast in propagation, are costly to 
     repair, and can cause extensive economic harm;
       Whereas coordination between the numerous Federal agencies 
     involved in cyber security efforts, including the Department 
     of Homeland Security, the National Institute of Standards and 
     Technology, the National Science Foundation, and others is 
     essential to securing America's critical cyber 
     infrastructure;
       Whereas millions of records containing personally-
     identifiable information have been lost, stolen or breached, 
     threatening the security and financial well-being of United 
     States citizens;
       Whereas consumers face significant financial and personal 
     privacy losses due to identity theft and fraud;
       Whereas national organizations, policymakers, government 
     agencies, private sector companies, nonprofit institutions, 
     schools, academic organizations, consumers, and the media 
     recognize the need to increase awareness of computer security 
     and the need for enhanced computer security in the United 
     States;
       Whereas the National Cyber Security Alliance's mission is 
     to increase awareness of cyber security practices and 
     technologies to home users, students, teachers, and small 
     businesses through educational activities, online resources 
     and checklists, and Public Service Announcements; and
       Whereas the National Cyber Security Alliance has designated 
     October as National Cyber Security Awareness Month to provide 
     an opportunity to educate United States citizens about 
     computer security: Now, therefore, be it
       Resolved, That the House of Representatives--
       (1) supports the goals and ideals of National Cyber 
     Security Awareness Month; and
       (2) intends to work with Federal agencies, national 
     organizations, businesses, and educational institutions to 
     encourage the voluntary development and use implementation of 
     existing and future computer security voluntary consensus 
     standards, practices, and technologies in order to enhance 
     the state of computer security in the United States.

  The SPEAKER pro tempore. Pursuant to the rule, the gentleman from 
Texas (Mr. Lampson) and the gentleman from Florida (Mr. Feeney) each 
will control 20 minutes.
  The Chair recognizes the gentleman from Texas.


                             General Leave

  Mr. LAMPSON. Mr. Speaker, I ask unanimous consent that all Members 
may have 5 legislative days to revise and extend their remarks and to 
include extraneous material on H. Res. 716, the resolution now under 
consideration.
  The SPEAKER pro tempore. Is there objection to the request of the 
gentleman from Texas?
  There was no objection.
  Mr. LAMPSON. Mr. Speaker, I yield myself such time as I may consume.
  Mr. Speaker, I rise in support of H. Res. 716, a resolution to 
applaud the goals and activities of National Cyber Security Awareness 
Month. The Science and Technology Committee has been a leader in the 
Congress supporting efforts to promote better security in cyberspace, 
and I am pleased to be able to help raise awareness of this crucial 
issue.
  Each year, Americans become more and more dependent on technology for 
their daily lives. More than 200 million people in this country use the 
Internet for shopping, for education, for socializing, for information 
gathering, for banking and entertainment. An increasing number of 
Internet users are children and seniors. The Internet is looking more 
and more like real life.
  Mr. Speaker, unfortunately, with this growth in usage, we have also 
seen a startling increase in cybercrime. Bank accounts are being 
hacked, children are being bullied and harassed on social networking 
sites, and personal information is being stolen from retailers, 
universities, and even government agency databases.

[[Page H11610]]

  The United States Computer Emergency Readiness Team, US-CERT, found 
that security threats to personally identifiable information grew 500 
percent between the first quarter of 2006 and the first quarter of 
fiscal year 2007 to 103,000 reports. Identity theft has topped the list 
of complaints consumers filed with the FTC for the 7th year in a row, 
accounting for 36 percent, or nearly 250,000 complaints.
  Mr. Speaker, financial crimes are not the only issue; 32 percent of 
teenagers who use the Internet say they have been victims of 
cyberbullying. Criminals and terrorists can also use cyberattacks to 
affect infrastructure, potentially causing physical or economic 
devastation.
  These data breaches and other cybersecurity threats come at a huge 
cost to consumers and to businesses. GAO reports that 31 companies that 
responded to a 2006 survey said that data breaches cost an average of 
$1.4 million per breach. Consumers lose valuable time and energy fixing 
their credit and recovering lost funds. Clearly, we as a Nation must 
make a stronger effort at securing cyberspace.
  Mr. Speaker, that is why I join with my colleagues in applauding the 
efforts of the National Cyber Security Alliance, a public-private 
partnership focused on improving cybersecurity for home users, for 
small businesses and for educational institutions.
  I especially want to thank Chairman Langevin, Mr. McCaul, Chairman 
Wu, Dr. Gingrey, Ms. Lofgren, Mr. Lungren, Chairman Thompson, Mr. King, 
Chairman Gordon, and Mr. Hall for introducing this resolution. Their 
leadership during National Cyber Security Awareness Month and year 
round will help protect us from cybersecurity breaches in all forms.
  The National Cyber Security Alliance conducts public education 
campaigns to alert computer users to potential threats and provides 
guidance on best practices. They organize events for businesses, 
universities and the public to raise awareness of cybersecurity. This 
resolution draws attention to this important organization and the 
critical cause that they champion.
  Mr. Speaker, I urge my colleagues to support this resolution 
commemorating National Cyber Security Awareness Month.
  Mr. Speaker, I reserve the balance of my time.
  Mr. FEENEY. Mr. Speaker, I rise in support of H. Res. 716 and yield 
myself such time as I may consume.
  Mr. Speaker, I want to thank the gentleman from Texas for his 
advocacy on behalf of this resolution. Information technology has 
become an integral part of our lives. It shapes how we communicate, how 
we entertain, and how we work with one another. Computers route our 
phone calls, print our paychecks, constantly tune our Nation's power 
plants and transmission lines to meet our energy demands. The extent to 
which our Nation's infrastructure, economy and way of life depend on 
computers is simply astounding.
  Unfortunately, this reliance on information technology has also left 
us vulnerable to cyberattacks, viruses and worms, as well as identity 
theft. The National Cyber Security Alliance is a public-private 
partnership whose mission is to improve the safety of our computer 
networks at home and at work against those threats.
  Mr. Speaker, the NCSA has declared October National Cyber Security 
Awareness Month and is sponsoring events throughout the country to 
raise awareness of the significant cybersecurity issues that we face as 
a Nation. There are straightforward steps we can take as individuals on 
our personal computers to help protect ourselves.
  The NCSA has a Web site to help consumers and small businesses to 
prevent or respond to cyberattacks at StaySafeOnline.org. It includes 
tips such as how to create strong passwords, how to protect your 
children online, and what to do if you think something goes wrong. As 
part of Cyber Security Awareness Month, we should all visit 
StaySafeOnline.org and consider how we can better protect ourselves, 
such as by ensuring antivirus applications are installed and up to 
date.
  Mr. Speaker, I applaud the organizations and agencies involved in the 
National Cyber Security Awareness Month for their efforts to help us 
all become more responsible and safer computer users. With that, I 
thank the gentleman from Texas (Mr. Lampson).
  Mr. Speaker, I reserve the balance of my time.
  Mr. LAMPSON. Mr. Speaker, I yield 5 minutes to the gentleman from 
Rhode Island (Mr. Langevin).
  (Mr. LANGEVIN asked and was given permission to revise and extend his 
remarks.)
  Mr. LANGEVIN. I thank the gentleman for yielding.
  Mr. Speaker, I rise in strong support of H. Res. 716, a resolution 
supporting the goals and ideals of the National Cyber Security 
Awareness Month. I want to thank my ranking member, Mr. McCaul, for his 
support of this resolution. I commend the other gentleman from Texas 
for his leadership on this issue as well.
  Each year the National Cyber Security Division of the Department of 
Homeland Security joins with the National Cyber Security Alliance, the 
Multi-State Information Sharing and Analysis Center, and other partners 
to support National Cyber Security Awareness Month. The goal of 
National Cyber Security Awareness Month is to show everyday Internet 
users that by taking simple steps, they can safeguard themselves from 
the latest online threats and respond to potential cybercrime 
incidents.
  Mr. Speaker, these safeguards taken by everyday home and office users 
are a critical component in protecting not only these individuals 
themselves, but the larger universe of computer and Internet users as 
well. We all have a role to play. Unfortunately, though, it would be 
dangerous to believe that simple steps by end users will sufficiently 
combat the larger threats associated with an increasingly networked 
society.
  As chairman of the Homeland Security Subcommittee on Emerging 
Threats, Cybersecurity and Science and Technology, I have held a number 
of hearings this year on our Nation's cybersecurity posture and the 
various vulnerabilities in our critical information infrastructure. 
This is an area where I plan to hold increasing hearings and provide 
intense oversight because cybersecurity vulnerabilities can 
significantly impact our national and economic security.
  Mr. Speaker, we all know that security networks can help prevent 
problems like identity theft, but secure networks can also protect our 
nuclear power plants, our electric grids and other critical 
infrastructure.
  Sadly, the issue of cybersecurity has been largely ignored and 
misunderstood for far too long. This is an area that needs greater 
attention and far greater oversight, making sure that both government 
is doing what it is supposed to do, as well as the private sector, to 
make sure that our computer networks are as secure as they possibly can 
be. This is truly an issue of national security.
  The oversight that the Homeland Security Committee is undertaking 
will help change that, but much work remains to be done. I want to 
commend Chairman Bennie Thompson for the attention that he has given 
this issue as well.
  We must continue to bring together greater attention to this issue by 
dedicating resources to securing cyberspace, such as increased funding 
for cybersecurity research and development, but we must also demand 
accountability and prompt action from those officials tasked with 
developing comprehensive strategies for securing cyberspace.
  I am proud to recognize October as National Cyber Security Awareness 
Month, and I hope that the passage of this resolution will bring 
greater attention to the importance and urgency of securing cyberspace.
  I want to thank Chairman Gordon for his leadership in bringing this 
measure to the floor. Again, I want to thank my ranking member, Mr. 
McCaul from Texas, for his partnership in highlighting the importance 
of cybersecurity, and I urge all of my colleagues to join me in 
supporting this important resolution.
  Mr. FEENEY. Mr. Speaker, I am delighted to yield 2 minutes to my 
friend, the gentleman from California (Mr. Herger).
  Mr. HERGER. Mr. Speaker, I rise in support of House Resolution 716. 
While the Internet offers a multitude of benefits, it can also pose 
threats, such as

[[Page H11611]]

identity theft and online scams. It is important to raise awareness of 
these threats and how they can be avoided.
  Cybersecurity is also critical to our national security. A 
cyberattack against our Nation could cripple our communications, 
destroy our energy grids and damage our economy. We must take proactive 
steps today to prevent and respond to future attacks.
  I also commend the Air Force for establishing a Cyber Command. Our 
Nation must be able to defeat any adversary on tomorrow's 
cyberbattlefield.
  I thank my friend from Florida (Mr. Feeney) for yielding time, and I 
urge my colleagues to support this resolution.
  Mr. LAMPSON. Mr. Speaker, I reserve my time.
  Mr. FEENEY. I want to thank my friend from California.
  Mr. Speaker, I yield 4 minutes to my friend, the gentleman from Texas 
(Mr. McCaul).
  Mr. McCAUL of Texas. I thank the gentleman from Florida.
  Mr. Speaker, I want to thank the Members who introduced the bill. I 
want to thank Chairman Langevin, who I have worked with very closely on 
this.
  Mr. Speaker, I rise today to urge the passage of this resolution, 
which supports the goals and ideals of National Cyber Security 
Awareness Month. While I believe it is important to recognize the need 
for cybersecurity awareness, this is an issue that should not be 
limited to just one month. Cybersecurity should be on the minds of all 
of us throughout the entire year.
  Computers and the Internet have become an integral part of American 
business, government and lifestyle. Over 200 million Americans use the 
Internet on a regular basis. Companies, both large and small, rely on 
the Internet to manage their business, expand their customer reach and 
enhance their connection with their supply chain.
  Almost 90 percent of all youth use the Internet, and the vast 
majority of those use the Internet at school. It is important that 
these children are taught to use the Internet in a safe and secure 
manner. This will not only protect their own systems from attack, but 
will provide for their physical safety.
  Cybersecurity is also a critical part of our Nation's overall 
homeland security. The systems that control and monitor our dams, power 
grids, oil and gas supplies, as well as our transportation systems and 
other critical manufacturing processes, are connected to the Internet.
  Right now, a terrorist organization or a hostile nation-state could 
disrupt our critical infrastructure systems and do serious damage to 
our economy without even entering our country. Appropriate 
cybersecurity practices are essential to overall security.
  The dangers associated with online behavior are becoming more and 
more common. These threats range from spam, viruses and identity theft 
to complex computer attacks created by organized crime, terrorist 
organizations and possibly nation-states designed to steal sensitive 
information through espionage.
  Organizations, such as National Cyber Security Alliance, are making 
it their mission to increase awareness of cybersecurity and 
technologies to home users, students, teachers and small businesses. 
These organizations deserve to be recognized for their good work and be 
supported.
  While there is much to do, cybersecurity awareness is growing. The 
Congress has a role to play in encouraging the use of proper 
cybersecurity practices and technologies throughout our country. 
National Cyber Security Awareness Month provides a solid platform from 
which to improve cybersecurity awareness in our country, and I am 
pleased that this Congress is supporting its ideals and its goals. We 
have much more work to do, but being aware of the need for 
cybersecurity is a necessary first step.
  Mr. LAMPSON. Mr. Speaker, I continue to reserve my time.
  Mr. FEENEY. Mr. Speaker, I yield 5 minutes to the gentleman from 
Georgia (Mr. Kingston).
  Mr. KINGSTON. I thank the gentleman for yielding.
  Mr. Speaker, I wanted to talk a little bit about my dad. My dad is 89 
years old. He has never owned a credit card. He has never even had a 
digital telephone. He doesn't have a computer. He doesn't have 
Internet. He is not interested in any of it. And yet, as removed as he 
might be from computer technology on a day-to-day basis, as it would 
appear in his personal life, the truth of the matter is, no one is 
isolated from high tech today.

                              {time}  1845

  His veterans payments, his Social Security payments, his bank 
transfers, his Medicare, all of this comes to him through computer 
networks. If anybody messes up those computer networks, my 89-year-old 
dad will not get the services that he needs. That's why this is so 
important today.
  Today there are some 64,000 hacker programs that are available to 
consumers for free. In addition, there are 12,000 that if you pay 
$1,000 for them, you get 1 year's support. Support for a hacker 
program, can you imagine that. And America's computers are absolutely 
under siege.
  I am proud that in 2002 Armstrong Atlantic University in Savannah, 
Georgia, began its Regional Center for Cybersecurity Education and 
Training. This was part of the G-8 Summit which was held in Savannah, 
Georgia, in 2004, and they played a key role in the law enforcement 
efforts surrounding the G-8.
  Since then, Armstrong Atlantic University has taken on partners of 
Washington Group International and Bridgeborn, and they are offering 
all kinds of computer security training programs, from simulating and 
modeling to visualization, covert channels, cybersecurity and security 
of networks.
  Why is this important? Now, Mr. McCaul said there are 200 million 
U.S. citizens connected to the Internet. It is even more than that. The 
numbers of people with access have increased over 182 percent from 2000 
to 2005. In 2006, total nontravel-related spending on the Internet is 
estimated to be over $100 billion. That is a 24 percent increase over 
2005. In 2005 the FBI has estimated that American businesses lost $67 
billion because of computer crime, and that number of $67 billion in 
2005 has moved to over $105 billion in 2007.
  The United States is the location of 40 percent of the known command-
and-control servers; and because of that, we are the target of attack 
after attack. Most of these are executed by botnets, which are a 
collection of broadband-enabled PCs hijacked during virus and worm 
attacks and seeded with software that connects back to a server to 
receive communications from a remote attacker. In other words, the 
botnets all work together to simultaneously and consistently and 
constantly attack computer networks, such as the Department of Defense, 
the Centers for Disease Control, and the Department of Energy.
  In fact, in America our governmental computers alone get millions of 
attacks each and every day. It is something that we all should be very 
concerned about. The United States was the top country for malicious 
activity, making up over 31 percent of the worldwide total.
  Personal information, for example, on veterans in May 2006 was taken 
home with a Veterans Administration employee, and 26 million veterans 
had their own personal information compromised simply because one 
employee took a laptop home. Now 25 years ago that may have required a 
truckload to carry that many files home. But just think about it, all 
he did was take a laptop home. And if the employee's house had not been 
broken into and the laptop stolen, we still might not have known about 
it. The Department ended up spending $200,000 a day just to operate a 
call center to explain to veterans how this might affect their service. 
Of course, there are class action lawsuits that have followed, and 
there will be a lot more discussion about that.
  In September 2000, a 16-year-old young man in Florida intercepted 
3,300 e-mails from one Department of Defense operation. He also stole 
13 NASA computers.
  In February 2001, Gary McKinnon of London took a poorly secured 
Windows system of NASA and the Pentagon and 12 other military 
operations and caused almost $1 million worth of damage by just 
basically playing around.
  We know that in March 2007 Max Ray Butler, a 27-year-old computer 
expert

[[Page H11612]]

working as an FBI informant was indicted on 15 criminal counts for 
allegedly hacking into the U.S. Department of Defense Air Force and 
other computer-sensitive systems.
  The list goes on and on, even to the extent that you have folks in 
China and North Korea purposely attacking American systems. I will 
submit some of these for the Record, but the list goes on and on. That 
is why it is very important for us to support this legislation and have 
Members talking about it and knowledgeable.
  If you think about cybersecurity now, the cost of it is more than 
what it is for the illegal drug trade in America. This is a huge 
problem, but it is kind of a quiet problem and this resolution helps 
raise its visibility.
  Mr. FEENEY. Mr. Speaker, I have no further requests for time, I thank 
the gentleman from Georgia and the gentleman from Texas, and I yield 
back the balance of my time.
  Mr. LAMPSON. Mr. Speaker, I just want to encourage all of our 
colleagues to support this legislation. It is critically important, and 
I want to express my appreciation to all of the sponsors who made such 
a tremendous effort to bring it here to the floor.
  Mr. Speaker, I yield back the balance of my time.
  The SPEAKER pro tempore. The question is on the motion offered by the 
gentleman from Texas (Mr. Lampson) that the House suspend the rules and 
agree to the resolution, H. Res. 716.
  The question was taken; and (two-thirds being in the affirmative) the 
rules were suspended and the resolution was agreed to.
  A motion to reconsider was laid on the table.

                          ____________________