As the Senate prepares to take another stab at passing a comprehensive cybersecurity bill, a new report shows the number of cyberattacks growing dramatically from China.
China has accounted for the largest percentage of attacks since the last quarter of 2011, according to the latest State of the Internet report from Akamai, which provides one of the largest global networks for Internet content delivery. In the third quarter of last year, China accounted for 33% of cyberattacks, more than double the previous quarter.
By comparison, the combined percentage of the second and third countries, the United States and Russia, respectively, was less than 18%, Akamai reported.
"China's growth from the second quarter was fairly significant, and somewhat surprising," the report said.
Akamai is only the latest study to bolster arguments that the U.S. needs to bring private and public organizations together to protect telecommunication systems, government and corporate networks, and power plants, water filtration systems and other critical infrastructure. Adding to the urgency is the rising number and sophistication of cyberattacks.
An example of advanced threats includes dedicated denial of service (DDoS) attacks over the last several months that has sent an unprecedented amount of bogus traffic against the websites of major U.S. banks.
Over the last three years, security experts have identified three highly effective complex viruses -- Duqu, Flame and Stuxnet -- that have struck government systems around the world.
The growing risk is behind efforts in the U.S. Senate to try again at passing a comprehensive cybersecurity bill. A committee in the upper house is in the process of writing the Cybersecurity and American Cyber Competitiveness Act of 2013, which will eventually go to the full Senate.
Sens. John D. Rockefeller IV, chairman of the Commerce, Science, and Transportation Committee; Tom Carper, incoming chairman of the Homeland Security and Governmental Affairs Committee; and Dianne Feinstein, chairman of the Select Committee on Intelligence, introduced the proposal this week.
Experts agree on the need for legislation that would establish processes for public and private organizations to share information that would help build better defenses against attacks.
"Given the continuing attacks that we are seeing against a variety of industries, some sort of legislation is an inevitable necessity, as these businesses will all have to be on the same page to stem the tide," said Al Pascual, analyst for Javelin Strategy & Research. "The cyberthreats facing our nation are real, and we need to start getting real about a solution."
To protect the nation, security can no longer be an option for private industry in charge of critical infrastructure.
"For a law to be successful it has to address data sharing between organizations and include provisions that address/force organizations to have security," said Murray Jennex, an associate professor at San Diego State University and an expert in critical infrastructure security.
Sign up for CIO Asia eNewsletters.