The Senate this afternoon convened to discuss H.R. 5515, the National Defense Authorization Act for Fiscal Year 2019 (NDAA), which is headed for a vote later tonight and is expected to be approved.
NDAA, the annual must-vote defense policy bill, is chockablock with cybersecurity amendments, including one that would reverse President Trump’s plan to suspend trading penalties against China-based communications equipment maker ZTE and another that would establish a panel to protect and defend the United States in the digital realm.
Inclusion of the ZTE amendment in the final bill sets the Senate on course for a confrontation with President Trump. The amendment, introduced by Sens. Tom Cotton, R-Ark., and Chris Van Hollen, D-Md., would ban government agencies from buying goods and services from ZTE and Huawei, another China-based communications equipment maker.
The amendment – which is co-sponsored by Sens. Marco Rubio, R-Fla., Richard Blumenthal, D-Conn., Susan Collins, R-Maine, and Bill Nelson, D-Fla. – would blunt a recent move by the Trump administration to lighten U.S. penalties on ZTE for violating sanctions against selling products and services to Iran and North Korea.
“ZTE has repeatedly violated U.S. law and represents a threat to our national security–Congress cannot and will not allow the Administration to let ZTE off the hook in the interest of Chinese jobs,” Van Hollen said in a statement released last week. “I’m pleased that our bipartisan proposal will be included in the manager’s amendment to the National Defense Authorization Act, and I appreciate my colleagues on both sides of the aisle working together to protect American interests and national security.”
Also slated for inclusion in the NDAA is an amendment establishing a Cyberspace Solarium Commission. The commission would be a 13-member panel designed to develop clear consensus on a strategic approach to protecting and defending the United States in cyberspace. The commission would be staffed by representatives from the executive branch, legislative branch, and private sector who have demonstrated knowledge, expertise, and experience in both the cyberspace and national security fields, according to Sen. Ben Sasse, R-Neb., who sponsored the bill.
The amendment would also affirm that the Defense secretary has the authority to wage clandestine online operations around the world by designating cyber “traditional military activity.” Additionally, the amendment would authorize the President to direct U.S. Cyber Command to go after Russian hackers in cyberspace.
“The United States does not have a serious cyber strategy but our enemies do,” said Sasse. “Hybrid warfare is already here and America is not ready. We desperately need a top-to-bottom review of our cyber posture. After years of cyber attacks from adversaries like Russia, China, and North Korea, Washington has admitted that we don’t have a broadly understood cyber doctrine and we aren’t effectively deterring these attacks. We lack a doctrine that defines how, when, and where we play offense and defense. We don’t have a playbook. It’s time to draft one.”
