THE COMPUTER VIRUS ERADICATION ACT

Declassified in Part - Sanitized Copy Approved for Release 2014/04/25 : CIA-RDP92M00732R000700070018-5 OCA 3075-89 OFFICE OF CONGRESSIONAL AFFAIRS Routing Slip ACTION INFO 1. D/OCA 2. DD/Legislation 3. DD/Senate Affairs 4. Ch/Senate Affairs 5. DD/House Affairs 6. Ch/House Affairs 7. Admin Officer 8. FOIA Officer Constituent Inquiries 9. Officer 10. Y17 11. 12. SUSPENSE Date Action Officer: Remarks: GAB 31Aug89 Name/Date STAT Declassified in Part - Sanitized Copy Approved for Release 2014/04/25 : CIA-RDP92M00732 R000700070018-5 Declassified in Part - Sanitized Copy Approved for Release 2014/04/25: CIA-RDP92M00732R000700070018-5 Date ROUTING AND TRANSMITTAL SLIP S 3e) TO: (Name, office symbol, room number, building, Agency/Post) 1. ae 4 Initials g Date 2. aittik : 3. Vt:2 4 0 ti". ? . U 4. , 5. Action . File Note and Retum Approval For Clearance Per Conversation As Requested For Correction Prepare Repty Circulate For Your Information '-Seif Me Commit investigate Signature Coordination Justify REMARKS 64( STAT ? STAT STAT STAT DO NOT use this form as a RECORD of *approvals, concurrences. disposals. ? clearances.-and similar actions FROM: (Neme,org. symbol, Agency/Post), 01001 Declassified in Part - Sanitized Copy Approved for Release 2014/04/25: .7,1A-RDP92M00732R000700070018-5 1??13iWiiiT!o1.1 1.20S Room No.?Bldg. Phone Nci_ Declassified in Part - Sanitized Copy Approved for Release 2014/04/25: CIA-RDP92M00732 R000700070018-5 Date ROUTING AND TRANSMITTAL SLIP TO: (Name, office symbol, room number, building, Ageng/Post) 1. POttrt-e-7 //a-et, M- Initials Date 2. 3. ?STAT STAT STAT 4. , S. Action File " Note and Return Approval For Clearance Per Conversation As Requested For Correction ' Prepare Reply Circulate For Your Information See Me Comment Investigate Signature Coordination Justify REMARKS f) ? y8Lee r aladeo/ -ff/Le i6r0 /10X) hAt/te eat DO NOT. use this form as a R CORD of approvals, concurrences,. clearances, and similar actions. efrkt tzseedv4),4e 04241 . y zei 7071 disposals, FROM: (Nan firM1-102OPTIO u S GPO: 19str-491-247/40012 Declassified in Part - Sanitized Copy Approved for Release 2014/04/25: CIA-RDP92M00732R000700070018-5 ? Declassified in Part - Sanitized Copy Approved for Release 2014/04/25: CIA-RDP92M00732R000700070018-5 STA-1' ? ? Conlidential Memorandum For the Record From: Subject: Date: The Computer Virus Eradication Act 26 July 1989 IC FEE_ OCA 25X1 1. On 20 July 1989 a four person panel testified before the House Subcommittee on Telecommunications and Finance in a hearing to examine the vulnerability of national telecommunications networks to computer viruses. The subcommittee was chaired by Rep. Edward Markey (D-MA), and the witness list consisted of representation from the General Accounting Office (GAO), The Computer Software and Services Industry Association (ADAPSO), EDUCOM, and the John von Neuman Supercomputer Center. The witness list is attached. 2. This hearing (1) described the Internet virus incident (2) examined issues relating to Internet security and vulnerabilities, and (3) discussed factors affecting the prosecution of computer virus crimes. It was patterned after a report by the General Accounting Office on the same subject, dated June 1989, but not released to the general public until the time of this hearing. The purpose of the hearing was to form the basis for draft HR55 entitled "The Computer Virus Eradication Act." 3. There was little conflict among the panel members during the hearing. They all agreed that the Internet incident demonstrated that serious vulnerabilities exist in public networks and there is no sure-fire technical protection mechanism for stopping similar problems from occurring in the future. 4. Security vs. usability issues relating to networks were discussed. The panel members concurred that increasing the development and use of security controls like encryption, user authentication, and auditing procedures was a good idea and needed desperately to be done better on many networks including Internet, but would not be the whole solution to the problem. They also believed that limiting access to only trusted users would significantly help the problem; however, it was clearly not appropriate for all situations. Internet is one of these situation where decreasing access is not the solution. ential 25X1 Declassified in Part - Sanitized Copy Approved for Release 2014/04/25: CIA-RDP92M00732R000700070018-5 25X1 Declassified in Part - Sanitized Copy Approved for Release 2014/04/25: CIA-RDP92M00732R000700070018-5 Declassified in Part - Sanitized Copy Approved for Release 2014/04/25: CIA-RDP92M00732R000700070018-5