Cybersecurity: Tech firms urged to share data with US

  • Published
Media caption,

President Obama: ''We have to make cyber-space safer''

Private tech firms should share more information with government and with each other to tackle cybercrime, according to US President Barack Obama.

"We have to work together like never before" Mr Obama said during a speech at a White House cybersecurity summit hosted in Silicon Valley.

The issue has become a White House priority since a widely publicised hack of Sony Pictures at the end of 2014.

But some key tech firms are concerned about government surveillance.

Senior Google, Yahoo and Facebook executives turned down invitations to the summit, held at Stanford University.

Relations between the US government and tech firms have been strained relations since electronic surveillance practices were exposed by former National Security Agency contractor Edward Snowden.

Image source, Getty Images
Image caption,

Apple chief executive Tim Cook also addressed the conference on Friday

Mr Obama is backing the creation of information sharing and analysis organisations (ISAOs) to help firms and government share material on potential threats.

The plan calls for the development of a common set of voluntary standards for organisations to follow to ensure civil liberties protection, according to the White House.

Mr Obama has also launched an intelligence unit to co-ordinate cyber-threat analysis.

"Just as we're all connected like never before, we have to work together like never before, both to seize opportunities but also meet the challenges of this information age," Mr Obama said.

"Government cannot do this alone. But the fact is that the private sector can't do it alone either because it's government that often has the latest information on new threats."

But one cybersecurity analyst said the proposals "face significant headwinds" from both Congress and large US tech companies.

"Based on the Snowden leaks, these companies believe they've already been badly burned by the government, and have very little to gain by publicly backing the president's proposals," Ben Desjardins, director of security solutions at cybersecurity firm Radware told the Associated Press.

Analysis, Richard Taylor, North America technology correspondent

Image source, Reuters

President Obama is bringing a message of inclusive collaboration to beat cyber threats, and a co-ordinated federal approach, superseding the patchwork of state laws, might seem sensible.

But the absence of Silicon Valley's most senior figures hints at a deep division between it and Washington. They are uneasy about allying strongly with an administration tarnished by Edward Snowden's revelations the NSA has spied extensively on their customers.

More than 18 months on, the tech goliaths are still struggling to rebuild users' trust and they are as keen to protect themselves from prying official eyes as they are from external malevolent hackers.

Mr Obama' own intelligence officials now say cybercrime poses a more pressing threat to national security than terrorism.

But the ongoing tension and mistrust between the security and tech communities does not auger well.

According to Bloomberg, external, Mark Zuckerberg and Marissa Mayer - chief executives of Facebook and Yahoo, respectively - and Google's Larry Page and Eric Schmidt all declined invitations.

Facebook, Yahoo, Google and Microsoft have all sent less senior executives to the conference.

Obama's cybersecurity push follows similar efforts by British Prime Minister David Cameron, who said in January that forms of communication that are resistant to surveillance measures should not be allowed.

His comments were interpreted as a direct attack on encrypted communications, such as Apple's FaceTime and Microsoft's Skype, among others.

The conference also took place in the aftermath of the hacking scandal that hit Sony Pictures and which the US authorities blamed on North Korea.

America and China have also taken more aggressive stances towards each other over cybersecurity recently, with the US charging a series of Chinese people with hacking last year.

The French authorities beefed up their security efforts after claiming to have detected attempts to launch cyber-attacks in the aftermath of the Paris terror attacks.

And this week the Dutch government fell victim to a distributed denial of service attack, which took many of its websites down by flooding them with traffic.