US President Barack Obama delivers remarks next to Secretary of Homeland Security Jeh Johnson (L) at the National Cybersecurity and Communications Integration Center in Arlington, Virginia, January 13, 2015. [Photo/Agencies] |
Obama unveiled his proposal at the Department of Homeland Security's National Cybersecurity and Communications Integration Center in Arlington, Virginia.
"Now, the problem is that government and the private sector are still not always working as closely together as we should. Sometimes it's still too hard for government to share threat information with companies" and vice versa, Obama said.
His proposal encouraged the private sector to share cyber threat information with the National Cybersecurity and Communications Integration Center and other federal agencies. In exchange, companies will be provided with "targeted liability protection."
The proposal contained provisions that would allow for the prosecution of the sale of botnets, and would give courts the authority to shut down botnets engaged in distributed denial of service attacks and other criminal activity.
A botnet is an army of compromised machines, also known as " zombies", which can be used to launch denial of service attacks on web servers under the command and control of a single "botmaster".
The provisions also would criminalize the overseas sale of stolen US financial information like credit card and bank account numbers and would expand federal law enforcement authority to deter the sale of spyware used to stalk or commit identity theft.
"The bottom line: we want cyber criminals to feel the full force of American justice. Because they are doing as much damage, if not more these days, as folks who are involved in more conventional crime," he said.
Obama also said his government planned to host a summit on cybersecurity and consumer protection at Stanford University on Feb. 13.
Obama first proposed cyber legislation in 2011 but the proposal failed to get congressional approval.
Tuesday's proposal was part of a week-long focus on privacy and cybersecurity by Obama ahead of his State of the Union address next week.
On Monday, he put forward a new legislative proposal requiring companies to notify consumers within 30 days after the theft of personal information is discovered.