WASHINGTON (Reuters) – U.S. lawmakers are pushing legislation that would force the State Department to tell what to do to prevent the spread of the AMERICAN hacking tools all over the world.
A man types on a computer keyboard in front of the listed cyber-code in this illustration photo taken on March 1, 2017. REUTERS/Kacper Pempel/Illustration
A bill in the House of Representatives’ appropriations subcommittee on Tuesday, said Congress is “concerned” about the State Department the ability to monitor U.S. companies that sell offensive cybersecurity products and know-how to other countries.
The proposed legislation, released on Wednesday, would direct the State Department report to Congress on how it decides whether to approve the sale of digital opportunities abroad and to make known what measures it has taken to punish companies for violating its policy in the past year.
National security experts have grown increasingly worried about the spread of the AMERICAN hacking tools and technology.
The legislation follows a report by Reuters in January showed a U.S. defense contractor provided staff of the United Arab Emirates hacking unit called Project Raven. The united arab emirates program used former AMERICAN intelligence agents to target activists, human rights defenders and journalists.
State of officials of the Department the permission to come to the V. S. contractor, Maryland-based CyberPoint International, to help an Emirate intelligence agency in surveillance activities, but it is unclear how much they knew about the activities in the united arab emirates.
Under U.S. law, companies selling cyber offensive products or services to foreign governments must first obtain permission from the Ministry of foreign affairs.
The new measure was added to a State Department spending bill by Dutch Ruppersberger, a Democrat from Maryland and member of the House appropriations Committee.
Ruppersberger said in a statement via e-mail he had “particularly troubled by recent reports in the media” about the State Department’s approval process for the sale of cyberweapons, and services.
CyberPoint’s Chief Executive Officer Karl Gumtow not respond to a request for comment. He was previously told Reuters that his knowledge, CyberPoint employees never carried out hacking operations and always complied with U.S. law.
The State Department has declined to comment on CyberPoint, but said in a statement via e-mail on Wednesday that it is “firmly committed to the robust and smart regulation of defense articles and services export” and before the granting of export licences it weighs “political, military, economic, human rights, and arms control considerations.”
Robert Chesney, a national security law professor at the University of Texas, said that the Reuters report has a alarm over how Washington oversees the export of AMERICAN cyber capabilities.
“The Project Raven (story) perfect documents that there is reason to be concerned and it is the Congress’ job to get to the bottom of it,” he said.
The bill is expected be voted on by the full appropriations committee in the coming weeks before going onto the full House.
Reporting by Christopher Bing and Joel Schectman; editing by Grant McCool