The expiration of a cybersecurity law leaves Washington partially helpless against cyberattacks.

 

 US cyber

The expiration of a cybersecurity law leaves Washington partially helpless against cyberattacks.

A key law that helps the federal government protect critical U.S. systems from cyber threats expired with the government shutdown on Wednesday, leaving Washington partially helpless in the face of increasingly sophisticated and persistent adversary attacks.

The Cybersecurity Information Sharing Act has been a cornerstone of US cyber defenses since its signing in 2015, providing legal protection for organizations to share cyber intelligence with the federal government and with each other.

Without it, the private sector—which controls the vast majority of vital networks in the United States, such as power grids, transportation systems, and telecommunications services—is less likely to share vital information for fear of being exposed to legal risks, according to a report by Politico, seen by Al Arabiya Business.

"We are without this vital line of defense," Democratic Senator Gary Peters, a ranking member of the Senate Homeland Security Committee, said on the Senate floor Wednesday as he tried—and failed—to force a vote on reauthorizing the law.

"Every hour we delay is an open invitation to cybercriminals and hostile actors to attack our economy and critical infrastructure," Peters added.

While the law received broad support from the private sector, members of Congress, and within the Trump administration, lawmakers were unable to agree on the terms for its reauthorization.

Several bipartisan efforts to prevent the law from expiring were introduced in both the House and Senate in the weeks leading up to the government shutdown, but Republicans and Democrats in Congress failed to resolve their differences in a timely manner.

Republican Senator Mike Rounds, chairman of the Senate Armed Services Committee's Cybersecurity Subcommittee, said Wednesday that the law's expiration "will halt information sharing at a time when we don't need our adversaries to have another opportunity to tamper with our cyber systems."

The data shared under the law provides a key tool for the federal government to understand how hackers plan attacks on state networks, which have been relentlessly targeted in recent years by Chinese, Russian, North Korean, and Iranian agents.

As lawmakers continue to disagree over a deal to fund the government and potentially revive the Cybersecurity Information Sharing Act, cybersecurity companies are unsure whether they should share threat intelligence with the federal government, slowing the flow of vital information to cybersecurity advocates.

John Miller, senior vice president and general counsel at the Information Technology Industry Council, which represents some of the world's largest IT and cybersecurity companies, warned that without the protections provided by the law, key data may not be passed on.

These protections include exemptions for private companies from federal antitrust laws and disclosure laws such as the Freedom of Information Act.