https://techcrunch.com/2019/10/09/cisa-subpoena-powers-isp-vulnerable-systems/
By Zack Whittaker
TechCrunch
October 9, 2019
Homeland Security’s cybersecurity division is pushing to change the law that
would allow it to demand information from internet providers that would
identify the owners of vulnerable systems, TechCrunch has learned.
Sources familiar with the proposal say the Cybersecurity and Infrastructure
Security Agency (CISA), founded just less than a year ago, wants the new
administrative subpoena powers to lawfully obtain the contact information of
the owners of vulnerable devices or systems from internet providers.
CISA, which warns both government and private-sector businesses of security
vulnerabilities, privately complained of being unable to warn businesses about
security threats because it can’t always identify who owns a vulnerable system.
The new proposal would allow CISA to use its new powers to directly warn
businesses of threats to critical devices, such as industrial control systems —
typically used in critical infrastructure. These systems are highly sensitive
and are increasingly the target of hackers to disrupt real-world
infrastructure, like the power grid and water supply.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
