|
Lawmakers seek probe on U.S. hacking
services sold globally
Send a link to a friend
 [May 16, 2019]
By Christopher Bing and Joel Schectman
WASHINGTON (Reuters) - U.S. lawmakers are
pushing legislation that would force the State Department to report what
it is doing to control the spread of U.S. hacking tools around the
world.
A bill passed in a House of Representatives' appropriations subcommittee
on Tuesday said Congress is "concerned" about the State Department's
ability to supervise U.S. companies that sell offensive cybersecurity
products and know-how to other countries.
The proposed legislation, released on Wednesday, would direct the State
Department to report to Congress how it decides whether to approve the
sale of cyber capabilities abroad and to disclose any action it has
taken to punish companies for violating its policies in the past year.
National security experts have grown increasingly concerned about the
proliferation of U.S. hacking tools and technology.
The legislation follows a Reuters report in January which showed a U.S.
defense contractor provided staff to a United Arab Emirates hacking unit
called Project Raven. The UAE program utilized former U.S. intelligence
operatives to target militants, human rights activists and journalists.
State Department officials granted permission to the U.S. contractor,
Maryland-based CyberPoint International, to assist an Emirate
intelligence agency in surveillance operations, but it is unclear how
much they knew about its activities in the UAE.
Under U.S. law, companies selling cyber offensive products or services
to foreign governments must first obtain permission from the State
Department.
The new measure was added to a State Department spending bill by Dutch
Ruppersberger, a Democrat from Maryland and member of the House
Appropriations Committee.
[to top of second column]
|
A man types on a computer keyboard in front of the displayed cyber
code in this illustration picture taken on March 1, 2017. REUTERS/Kacper
Pempel/Illustration
Ruppersberger said in an emailed statement he had been "particularly
troubled by recent media reports" about the State Department’s
approval process for the sale of cyberweapons and services.
CyberPoint's Chief Executive Officer Karl Gumtow did not respond to
a request for comment. He previously told Reuters that to his
knowledge, CyberPoint employees never conducted hacking operations
and always complied with U.S. laws.
The State Department has declined to comment on CyberPoint, but said
in an emailed statement on Wednesday that it is "firmly committed to
the robust and smart regulation of defense articles and services
export" and before granting export licenses it weighs "political,
military, economic, human rights, and arms control considerations."
Robert Chesney, a national security law professor at the University
of Texas, said the Reuters report raised an alarm over how
Washington supervises the export of U.S. cyber capabilities.
"The Project Raven (story) perfectly well documents that there is
reason to be concerned and it is Congress' job to get to the bottom
of it," he said.
The bill is expected to be voted on by the full appropriations
committee in the coming weeks before going onto the full House.
(Reporting by Christopher Bing and Joel Schectman; editing by Grant
McCool)
[© 2019 Thomson Reuters. All rights
reserved.]
Copyright 2019 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |
