There were 41 bills introduced in the House and Senate yesterday. Two of those bills may be of specific interest to readers of this blog:
HR 2602 To enhance enforcement of laws related to cybercrimes against persons, and for other purposes. Rep. Clark, Katherine M. [D-MA-5]
S 1478 A bill to require the Secretary of Defense to develop a comprehensive plan to support civil authorities in response to cyber attacks by foreign powers, and for other purposes. Sen. Rounds, Mike [R-SD]
I doubt that HR 2602 will specifically apply to control system security issues, but I am concerned that it may have adverse consequences for security researchers. I’ll just have to wait and see what the actual bill looks like.
S 1478 will at least be interesting, particularly the definitions it proposes (or doesn’t) for ‘cyber attacks’ and ‘foreign powers’. I am more concerned about how it deals (or doesn’t) with the attribution problem.