House Energy and Commerce Committee – Page 2

Misinformation flooded Parler around Capitol insurrection, research finds

Posted on February 18, 2021 by Shannon Vavra

The overwhelming majority of news links shared on Parler in the days surrounding the Capitol insurrection last month were filled with misinformation, according to an analysis by NewsGuard and PeakMetrics. In all, 87% of news links shared on Parler around the Jan. 6 riots contained misinformation, the analysis published Wednesday concluded. One of the most popular sites shared across the social networking platform was a site that appeared to be an American news outlet, called American Conservatives Today, but which actually was run from North Macedonia and plagiarized stories from The Gateway Pundit. The site, which was created in December of last year, spread lies that the voting equipment maker Dominion Voting Systems was switching votes from then-President Donald Trump to then-candidate Joe Biden. Other popular misinformation-based sites that spread falsehoods on Parler included a video website linked with Alex Jones, InfoWars.com’s founder, which spread lies that Biden was interested […]

The post Misinformation flooded Parler around Capitol insurrection, research finds appeared first on CyberScoop.

Continue reading Misinformation flooded Parler around Capitol insurrection, research finds→

House Dems pressure tech giants over spread of COVID-19 vaccine misinformation

Posted on February 2, 2021 by Tim Starks

With reports of COVID-19 vaccine misinformation and disinformation proliferating on tech platforms, Democratic leaders of the House Energy and Commerce Committee on Tuesday said they want answers from the industry’s titans about what they’re doing to stop it. “As the country enters this next phase in its fight against the virus — the success of which is dependent on hundreds of millions of Americans trusting the science behind these vaccines — the Committee is deeply troubled by news reports of coronavirus vaccine misinformation on your platform,” wrote Democratic leaders of the panel, including Chairman Frank Pallone, D-N.J., to the CEOs of Facebook, Google and Twitter. It’s the latest application of pressure on tech companies from government officials to halt fake news about COVID-19. Just last week, the European Union said it expects Facebook, Google, Microsoft and Twitter to continue delivering monthly reports on the subject for another six months. There’s […]

The post House Dems pressure tech giants over spread of COVID-19 vaccine misinformation appeared first on CyberScoop.

Continue reading House Dems pressure tech giants over spread of COVID-19 vaccine misinformation→

House panel rips CVE contracting and oversight policies

Posted on August 27, 2018 by Sean Lyngaas

The industry-wide program for documenting hardware and software vulnerabilities suffers from fluctuating funding and insufficient oversight, according to a more than year-long investigation by the House Energy and Commerce Committee. “The historical practices for managing the…program are clearly insufficient,” members of the committee wrote in letters Monday to the Department of Homeland Security, which sponsors the program, and the not-for-profit MITRE Corp., which maintains it. “Barring significant improvements, they will likely lead again to challenges that have direct, negative impacts on stakeholders across society.” The program in question, the Common Vulnerabilities and Exposures (CVE) database, has for nearly two decades been a common lexicon for researchers and companies that document security flaws. But the program has experienced a significant backlog as some researchers have struggled to get a response to their submissions. MITRE has undertaken reforms of the program, but House lawmakers say the “root causes” of the program’s woes – its lack […]

The post House panel rips CVE contracting and oversight policies appeared first on Cyberscoop.

Continue reading House panel rips CVE contracting and oversight policies→

Lawmakers want to know how to mitigate cyber risk in medical devices

Posted on April 20, 2018 by Zaid Shoorbajee

House lawmakers are calling on stakeholders in the health care industry for tips on how to secure old technology in the medical field. The Committee on Energy and Commerce put out a request for information Friday detailing its concern that outdated equipment and software used in hospitals and other medical organizations pose cybersecurity vulnerabilities that can put patients at risk. “While health care cybersecurity is a complex, nuanced challenge with many different contributing factors, the use of legacy technologies, which are typically more insecure than their modern counterparts, continues to be a root cause of many incidents,” the committee wrote. Fueling the committee’s concern is the WannaCry ransomware attack that paralyzed operations at numerous hospitals and health organizations around the world. The May 2017 attack, which has been widely attributed to North Korea, exploited unpatched versions of Microsoft Windows. In some cases, the machines were being used to run medical devices, such as MRI scanners and […]

The post Lawmakers want to know how to mitigate cyber risk in medical devices appeared first on Cyberscoop.

Continue reading Lawmakers want to know how to mitigate cyber risk in medical devices→

Congress wants answers on embargo of Spectre and Meltdown information

Posted on January 24, 2018 by Greg Otto

Lawmakers on the House Committee on Energy and Commerce have sent letters to various CEOs at top tech companies asking why information about massive computer chip vulnerabilities was held under embargo for months. The letters focus on the Spectre and Meltdown bugs, deep-rooted flaws in chips produced by leading computer hardware companies that could allow hackers to access steal sensitive data from machines created as far back as 1995. Co-authored by panel Chairman Greg Walden, R-Ore., and members Marsha Blackburn, R-Tenn., Bob Latta, R-Ohio, and Gregg Harper, R-Miss., the letters request answers about why the bugs weren’t disclosed when the companies learned about them in June 2017. The committee has jurisdiction over technology issues. Information about the flaws was supposed to go public in late January, but security researchers tweeted proof-of-concept code before the companies were ready to make announcements. That tweet lead to wider public scrutiny, forcing the companies involved to […]

The post Congress wants answers on embargo of Spectre and Meltdown information appeared first on Cyberscoop.

Continue reading Congress wants answers on embargo of Spectre and Meltdown information→

Lawmaker to HHS: Label software in medical devices

Posted on November 17, 2017 by Shaun Waterman

The Trump administration should convene a national effort in partnership with the private sector to ensure that the owners and operators of medical devices, hospital IT networks and electronic health records systems can find out what software and other components are in the products they buy, says the chairman of the powerful House Energy and Commerce Committee. In a letter Thursday to acting Health and Human Services Secretary Eric Hargen, committee Chairman Greg Walden, R-Ore., notes a congressionally chartered task force on health care cybersecurity earlier this year recommended such transparency requirements. The congressional report said there should be a “Bill of Materials” (BOM) for medical products because hospital IT managers and network administrators “must first understand what they have on their systems, before they can determine whether these technologies are impacted by a given threat or vulnerability.” “We write today to request that [HHS] convene a sector-wide effort to develop a plan of action for creating, deploying and leveraging BOMs […]

The post Lawmaker to HHS: Label software in medical devices appeared first on Cyberscoop.

Continue reading Lawmaker to HHS: Label software in medical devices→

Congress told ‘the market can’t fix’ poor cybersecurity at credit companies

Posted on November 1, 2017 by Shaun Waterman

The day after Halloween, lawmakers at a hearing on the Equifax breach heard scary stories of an under-regulated industry that collects and analyzes vast quantities of data about consumers without their knowledge or consent, stores it insecurely and sells it to the highest bidder. Representatives of the credit reporting industry told the House Energy and Commerce Subcommittee on Digital Commerce and Consumer Protection that those were all campfire tales to frighten children and that searching for a legislative solution would be the governmental equivalent of a snipe hunt. And Republican lawmakers sought to tamp down industry concerns by saying they were still in the information-gathering phase of their work. The hearing, said subcommittee Chairman Bob Latta, R-Ohio, “is an important step toward answering the many questions that consumers are asking.” But the overall tone of proceedings, even from the credit reporting industry’s traditional allies in the GOP, was not at all friendly. “Consumers are getting […]

The post Congress told ‘the market can’t fix’ poor cybersecurity at credit companies appeared first on Cyberscoop.

Continue reading Congress told ‘the market can’t fix’ poor cybersecurity at credit companies→

WannaCry outbreak was first big test of HHS’s new cybersecurity center for health sector

Posted on June 8, 2017 by Shaun Waterman

When the WannaCry computer worms crippled the British National Health Service last month, the response at the U.S. Department of Health and Human Services was led by a new cybersecurity watch center, lawmakers heard Thursday. The Healthcare Cybersecurity and Communications Integration Center, “coordinated the response to WannaCry,” Steve Curren, director of resilience in the HHS Office of Emergency Management, told a House Energy and Commerce subcommittee. When the WannaCry worm struck, crippling dozens of British hospitals, HHS officials “took immediate action to engage [the] broader U.S. health sector and ensure that IT security specialists had the information they needed to protect against, respond to and report intrusions,” Curren said. The HCCIC, (pronounced “aitch-kick”) came online in May is modeled on the Department of Homeland Security’s National Cybersecurity and Communications Integration Center — a 24-hour watch center that pulls in real-time data from vital national industries like banking and telecommunications and distributes warnings and other information. […]

The post WannaCry outbreak was first big test of HHS’s new cybersecurity center for health sector appeared first on Cyberscoop.

Continue reading WannaCry outbreak was first big test of HHS’s new cybersecurity center for health sector→

Apple and FBI Faceoff at House Encryption Hearing

Posted on April 19, 2016 by Tom Spring

Apple and the FBI vow to work together to find compromise solution in encryption debate. Continue reading Apple and FBI Faceoff at House Encryption Hearing→