Hatch introduces legislation to combat cybercrime

Following a worldwide cyberattack that affected more than 300,000 computers, Senator Orrin Hatch (R-UT)—the Chairman of the Senate Republican High-Tech Task Force—introduced bipartisan, bicameral legislation to thwart future cyberattacks against U.S. computer networks. 

The Promoting Good Cyber Hygiene Act instructs the National Institute of Standards and Technology (NIST) to establish a publicly accessible set of voluntary best practices for good cyber hygiene.

“With cybercriminals growing bolder in their attacks, strengthening our cybersecurity infrastructure remains one of my top priorities in the Senate,” Hatch said. “Cyberattacks threaten our economy and inflict untold damage on thousands of Americans. Fortunately, proper cyber hygiene can prevent many of these attacks. This bill will establish best practices for cyber hygiene that will help Americans better protect themselves from enemies online.”

WannaCry, the ransomware that locked thousands of computers in more than 150 countries, took advantage of a software vulnerability that was known and patchable since March of this year. Organizations and individuals practicing good cyber hygiene by installing updates in a timely manner may have been able to dramatically limit the impact of this attack. While the United States was not as severely affected as other countries by this particular attack, our country is still vulnerable to cyber threats. Cyber hygiene best practices must be a key part of the overall national defense strategy.

The Promoting Good Cyber Hygiene Act would help both system administrators and consumers better protect their networks and devices against known cyber threats by:

  • Establishing a baseline set of voluntary best practices;
  • Ensuring these practices are reviewed and updated annually;
  • Making the established best practices available in a clear and concise manner on a publicly accessible website; and
  • Instructing the Department of Homeland Security to study cybersecurity threats relating to Internet of Things devices.