Thursday, July 7, 2016

Ransomware and Legislation to Stop It. Jim Patterson




July 6, 2016


Mr. James Patterson
766 Harrison Street #211
San Francisco, California 94107

Dear Mr. Patterson:

Thank you for writing to express your concerns about a recent cyber-attack on a hospital in Los Angeles.  I appreciate the time you took to write and I welcome the opportunity to respond.

As you know, on February 5, 2016, hackers used malware to seize control of the computer system at Hollywood Presbyterian Medical Center in Los Angeles, California.  This incident was a type of attack often referred to as “ransomware”, in which hackers encrypt a computer network’s data and demand ransom in exchange for the decryption key.  The hospital paid approximately $17,000 in bitcoin to regain access to the system, and the network is now operating fully without the compromise of any records.  Currently, the FBI is investigating the attack.

I understand you believe these types of attack are a great danger to public safety, and support federal legislation to protect against similar incidents.  Like you, I believe that the threat of cybersecurity attacks is among the greatest threats our nation faces.  American financial institutions have incurred multi-million dollar losses due to cyber thefts.  Even computer security companies and national security agencies like the FBI and Department of Defense have fallen victim to cyber-attacks.  Cyber attackers also hack into our personal computers, access our private information, and use our computers to launch other cyber-attacks.  These intrusions affect the United States in substantial and real ways, and the threat is only growing.  

To help both our government and private businesses deal with constantly advancing cyber threats, on October 27, 2015, the Senate passed the “Cybersecurity Information Sharing Act” (S. 754) by a strong bi-partisan vote of 74-21.  This bill calls for voluntary information sharing of cyber threat information between the government and private companies to improve their ability to identify malicious code or cyber-attack signatures more rapidly.  This bill was included in the omnibus spending bill and was signed into law on December 18, 2016.  

I have also worked to protect personal privacy of consumers.  For example, last Congress, I coauthored the “Data Security and Breach Notification Act of 2014” (S. 1976), which would have required the Federal Trade Commission to issue security standards for companies and nonprofit organizations that hold consumers’ personal and financial information.  This bill also would have established procedures for these entities to follow in the event of a security breach.  Although this legislation did not pass before the 113th Congress adjourned, I continue to work to ensure that consumers’ personal information is protected.

You may also be interested to know that on March 18, 2016, the Senate Judiciary Committee held a hearing called "Ransomware: Understanding the Threat and Exploring Solutions."  As a result of this hearing, the Judiciary Committee is considering legislation to address this growing threat.  For your convenience, I have included a link to the webcast here: 


Once again, thank you for taking the time to write.  Please know that I will keep your concerns in mind as this situation develops.  If you have any additional questions or comments, please contact my Washington, D.C. office at (202) 224-3841.  Best regards.

Sincerely,

Dianne Feinstein
                 United States Senator

DF:cb

Further information about my position on issues of concern to California and the nation is available at my website, Feinstein.senate.gov. And please visit my YouTube, Facebook and Twitter for more ways to communicate with me.

Jim's Note: The team and I spent a considerable amount of time on the letter to Senator Feinstein. We interviewed the parties in Los Angeles and tech advisers in Silicon Valley. I am told this was not the first case of ransomware at a hospital. A question arises if it hits a rural hospital in California or elsewhere and staffers lack the knowledge of how to respond. In such a case, ransomware could become deathware if patients are neglected during the cyber health crisis. We continue to follow this story. JEP
