must do as the lead civilian agency for cybersecurity. we have seen cybersecurity legislation fail to become law multiple times. le president obama's executive order -- president obama -- while president obama's executive order is making progress in attempts to show up some cyberweaknesses in our nation's fabric, more work needs to be done. with this cybersecurity legislation, we will be doing our part as d.h.s. authorizes to raise the level of cybersecurity , particularly within the federal government and protecting our nation's critical infrastructure. thank you. i reserve the balance of my time. the speaker pro tempore: the gentleman reserves the balance of his time of the the chair recognizes the gentleman from texas. mr. mccaul: i yield as much time as he may consume to the distinguished gentleman from pennsylvania, mr. meehan. let me also point of personal privilege say what an honor it's been to serve with you, sir. we are going to miss you on this committee. the speaker pro tempore: the chair recognizes the gentleman from pennsylv

there is a lot we can learn from this attack and certainly there is great cybersecurity capabilities out there in the marketplace. it's a call to the companies to bring those in-house. >> how do you see those cybersecurity threats cross over into real physical violence? i read a couple around the silk road case and i was surprised to see it come from the internet to a gun shop. >> if you think what's happening online now outside of the sony case, we are connecting all of these devices now to a network connection and have moving parts that can do things. it's becoming a very serious issue of how do we get those things, those devices, these companies secure online. and i think we are making a lot of progress, but with this attack and several others over the last year, to be quite frank, have shown us we have a lot of work to do. >> thanks for joining us. hugh and katherine, we appreciate you joining us. couple of headlines, white house press person is saying the hack is still under investigation. he is saying the white house is holding a daily meeting and this mater is being treated as

. >> we had absolutely sufficient cybersecurity. said that the malware was so sophisticated that 90% of american businesses would have fallen prey to what happened to us. so, no, i don't think we were inadequate at all if our cybersecurity. >> joining us now is the plaintiffs' attorney, matthew george, partner with the firm gerard gibbs. ws welcome to the program. how would you respond on behalf of your clients to that assertion from the ceo of sony pictures? >> well i think there's a number of facts that have yet remain to be seen and one of the comments he made yesterday that was particularly concerning was that as far back as june, the company had notice that perhaps there was going to be a cyberattack or cyberthreats related to the release of this picture. so the entity behind that attack, if it was north korea, had used similar methods and prior attacks against south korea and its banks. so why didn't sony implement specific measures into six months before the breach in response to that? >> you're obviously more emphatic than t

hagel never made any, very few public statements at all about cybersecurity and cyber warfare. i hope that the next defense secretary will come in and start to make it a priority to get some of those authorities out of the agency and put them over with cyber command where i think they more properly belong. i think you actually can get better oversight of a military organization than you can of the nsa. >> if i can interrupt with one other follow on. >> go to the mic. >> follow on -- thank you, follow-on question. is this another part of kind of defense policy where the white house and the nsc or even the justice department has scooped up some of the sexy aspects, the hot button kinds of issues? >> to some extent, yeah. the white house certainly was, you know, involved and aware of what the nsa was doing in this realm. but, you know, there's somebody i write about in the book, keith alexander, who was the director of the nsa, longest serving director and just retired recently. he managed to really accumulate a lot of the bureaucratic momentum and the sort of mojo, really masterf

it sort of transcended mere credit card fraud or cybersecurity.e's a silver lining to this mushroom cloud, it's that. rich: andrew, thanks so much for joining us. much appreciated. >> anytime. rich: from securing your personal information to staying safe behind the wheel, the insurance institute for highway safety is out with its list of safest vehicles for 2015. fox business' very own jeff flock is live in chicago with the details. jeff? >> reporter: rich, all day long we have been focusing here on the fox business network not only on the vehicles that made the list, but some surprising ones perhaps that didn't. and this year was a big year despite all the recalls, this year even though the institute for highway safety, the insurance institute made the tests much tougher, they actually found that more cars passed the test. a total of 71 this year compared to 39. take a look at one brand, namely subaru, that has done real well in terms of sales. take a look at the various categories and see how they came up against some of the competitors. so let'

liz: cybersecurity stocks, that's a big story needless to say because sony has definitely become very much a target. that is the at forefront here. we had a breaking story at the top of 3:00, and dish and sony had a secret plan, or at least sony wanted dish to be part of that. talks fell apart. did not work out. sony is adamantly telling sources at the matter, telling fox business they want to release this thing. does that drive internet protection stocks and cybersecurity stocks or is it a trend type of situation? >> i think the impact that happened in sony, the very public, kind of attack is going to continue to drive cybersecurity, investing, and questions in the boardroom of companies. it is also going to move to the government, u.s. government and what kind of spending and method they can actually go in and help out with, given the fact that some of these attacks seem to be from other nation states. so looking at the cybersecurity companies and etf, move solidly up, i think that will be continued going into 2015. david: john, a lot of investors are having a tough time getting a f

. >>> a silicon valley cybersecurity company says the fbi is wrong about north korea being behind that attack earlier this month on sony's website. instead, a central figure was a former sony employee. abc 7 news reporter david louie has new details about this controversy. he is live in san jose tonight. david? >> reporter: well the company is a cybersecurity company in san mateo and it's telling the fbi that north korea didn't enter the picture until after the sony website and computer networks were hacked. now, there's a second company here in silicon valley another cybersecurity company, that says also that the fbi may be wrong. the fbi says it stands by its analysis that north korea hacked sony's website but it did send representatives to sit down with norse, a cybersecurity firm with offices in san mateo and st. louis. norse says its own investigation points to six people including an insider, a laid-off sony employee who helped a network of hackers called guardians of peace. >> at least one had ties to and critical knowledge of sony systems, i.p. addresses, credentials, et cetera

what does this mean to you and your cybersecurity? >>> did sony have a choice >>> did sony have a choice pulling the movie depicting the assassination of north korean leader, kim jong-un. and what can you do to protect your own cybersecurity? joining me is colonel cedric layton and gordon chang. good evening, gentlemen. gordon, north korea today saying they were framed and that they want to join the u.s. investigation and they're not allowed to join there will be serious consequences. is that a joke? >> it is a joke because this is typical north korean propaganda. the president talked yesterday about what north korea's responsibility for this. so pyongyang had to react and this is what they do. they come out with this overblown language. but we have to remember that north korea can do real harm to the united states and so serious consequences which is what they're talking about is something we need to expect. >> cedric, north korea saying they were framed? >> that's amazing, judge. they were framed then i think jack the ripper was pro

technology companies and cybersecurity firms for cybersecurity work force while to.s.s limited in its aket attract talented and well trained cyberwarriors. h.r. 2952 will require the secretary to assess the cybersecurity work force currently in d.h.s. and develop a strategy to enhance it. the assessment would look at cyberpositions, readiness, training, types of positions, and its ability to carry out its cybermission. with the ultimate goal of enhancing these capabilities and produce a recruitment and implementation plan. finally, the bill also requires the secretary to submit a report on the feasibility of establishing a cybersecurity fellowship program. this legislation along with the others we have brought up today are important pieces of improving the overall capabilities of the department of homeland security. and its ability to carry out its cybersecurity mission. this is a critically important piece of legislation which enables the department of homeland security to compete for what are very, very in demand individuals with talent in the area of cybersecurity a

. >> now, cybersecurity is a big deal. we know that sony, a very high-profile victim of a hack attack. they've pulled a high-profile movie as a result of that. what is nasdaq doing to secure itself, and what is cybersecurity going to mean in 2015 for nasdaq? >> so cybersecurity is obviously a situation where you can never rest. we had a wake-up call about four or five years ago, and i'm grateful for that because we really had to get to what i call government-grade or military-grade security. so we have a team of people that focus on it. they're ever vigilant. you win battle after battle after battle, but you realize that you still have to be prepared for the next battle. so it's something we're keenly aware of. we're focused on it. we protect our trading systems to the fullest extent that's, i think, possible at this point in time. but we also recognize that there are forces out there that will continue for themselves to get better to try to infiltrate an attack. so it's a state of preparedness. >> one final question. as y

that is the national cybersecurity protection act to provide assistance in cybersecurity to the privateor. the federal information sharing security modernization act as well of 2014 codifies the authority to assist other federal agencies. which also includes the ability to enhance hiring and pay within the cybersecurity work force. these bills passed just last week with the leadership of senator tom coburn, congressman mike mccaul and others and that includes the cybersecurity mission. tsa, john pistole has been the it administrator for the last 4.5 years we had his retirement ceremony yesterday and john is on a remarkable team doing a great job. they are in a better place as a result of john's good work. so did yesterday amazingly tsa has enhance aviation security is more popular with the american public and i suspect most people in this room are members of the tsa pre-check is looking at this crowd. for a background check you get in a shorter line. and at the same time they enable us to focus on the class of travelers that we know less about. and an amazing statistic about the screeni

it's a list that we think all cybersecurity practitioner should read so they know their craft well.the three books deal with cybercrime that i would like to point out. the first one is called fatal system error covers from 1995 to 2007, the first use of distributive extortion in the first successes from the british high-tech crimes and arresting early hackers. the second one i like is a fantastic book that gives deep inside about the business process operation of criminal organizations dealing with som some -- they get the and bolts about how they go about doing their business and it's a real integral look at that and the unofficial hero that comes out of brian's book is microsoft about them taking on the infrastructure criminal organizations legally to take them off-line so that's a pretty interesting read. my favorite is kevin paulson' paulson's -- covers from 2006 to 2007. the main story is a hacker by the name of max butler. he is a fantastic story writer and is going to make a great movie someday. his transmission. his transition from white hat hacker to black hat hacker is rea

but one cybersecurity expert says it could actually take years before we truly know who is responsiblectly why it was done. here is part of my conversation earlier with martin lubicky of the rand corporation. >> one of the takeaways is this attack looks very similar to an attack carried out on the sands corporation corporation. iran came back or what we presumed to be iran and they trashed a lot of systems. in the last two years there have been a lot of prominent cyberattacks that have gone ahead and trashed systems. when you consider that all of the pcs around the world that are capable of holding malware that are infected, we're talking about 1 to 2 billion personal computers, that's a lot of systems to go down if all of the sudden the hackers started becoming interested in trashing computers for the sake of trashing computers. it's not a good precedent to have. >> so what is your gut feeling then behind all of this? why would a group want to get into sony system specifically at a time it was about to release this very controversial movie? >> well, the motives of the hackers may have

what does this mean to you and your cybersecurity? experience all the real possibilities... of connecting with family and friends. realpad from aarp is now your easy way to share... enjoy... play... and celebrate. it's the tablet with free unlimited live help whenever you need it. hi, mom! hi, dad! happy anniversary! cherish moments like these with realpad. available at aarprealpad.org and at walmart. test test test test. don't settle for 4g lte coverage that's smaller or less reliable when only one network is america's largest and most reliable 4g lte network: verizon. with xlte, our 4g lte bandwidth has doubled in over 400 cities. and now, save without settling. get 2 lines with 10gb of data for just $110... ...or 4 lines for just $140. and get a $150 bill credit for each smartphone you switch. only on verizon. you're down with crestor. yes! when diet and exercise aren't enough, adding crestor lowers bad cholesterol up to 55%. crestor is not for people with liver disease, or women who are nursing, pregnant, or may become pregnant. t

>> cybersecurity officials, cybersecurity experts say you need to do an analysis to find out who is in they shut sony down. people could not access their computers. it's as if a fire raced through your local grocery store. they could not do anything. now they are trying to rebuild and put everything back in place. the real issue when you look at heathrow, they say it's not computer related. there's no evidence right now because this only happened within the last 24 hours. there's no evidence that somebody hacked into the system. initially they weren't quite as definitive as they are now. if somebody were to target critical infrastructure, what you're seeing going on at heathrow is what it would look like. people would lose the ability to land planes. people would lose the ability to get people out of subways. people would lose the ability if a bad actor wanted to do that and the scary part is anyone you speak to will tell you they're in the systems and they're waiting there and that's the danger. the only equalizer is the fact that everybody is in each other's systems. they're not goin

that's part of what makes this issue of cybersecurity so urgent. again, this is part of the reason why it's going to be so important for congress to work with us and get an actual bill passed that allows for the kind of information sharing we need because if we don't put in place the kind of architecture that can prevent these attacks from taking place, this is not just going to be affecting movies. this is going to be affecting our entire economy in ways that are extraordinarily significant. by the way, i hear you're moving to europe. where are you going to be? >> brussels. helping politico start a new publication. >> congratulations. i think there's no doubt that what belgium needs is a version of politico. [ laughter ] the waffles are delicious by the way. sheryl, you have been naughty. go ahead. >> reporter: thank you, mr. president. looking ahead to your work with congress next year, you mentioned as an area of possible compromise tax reform and so i'm wondering, do you see a republican congress as presenting a better opportunity for actually

and you have very different approaches to security and particularly cybersecurity in those two disciplines. in the operational technology world, you're talking about life cycle of machinery that lasts in decades. you know, you're not swapping out power generation plants or water systems. we're talking decades. i.t. you're look at years. ot you're worried about guards and gates, i.t. is more virtual security. and in terms of reliability, you know, the holy grail of i.t. used to be four ts which still allows you time to update your systems, take them down if you need to, but you can't take down a water pump to update or patch the latest, you can't take down the water pump that's feeding the washington area, so it makes it very hard to align the needs of i.t. and opt t., and that creates -- o.t. and that creates gaps that people looking to create nuisance can exploit. .. in the near-term, medium-term, the first thing is that nist met your name in report, matt skolnick to come up with a definition in a good way, yes. any to come up with a dolby -- the definition for this government. the report

for more on the latest cyberattack i'm joined by the ceo of the mccallum group and cybersecurity firmn narrative. good to have you with us. president obama talking at the business roundtable casually mentioned cybersecurity as a shared concern with big business. i did not see a representative from sony but when they are losing entire movies and that kind of attack is taking place we are in real trouble, are we not? >> yes, sir. sony has been hacked at least twice before in the last three years so they need to take a this, large retailers and small and midsize businesses need to take this very seriously. look at the lessons being learned and implement the processes that are necessary to ensure they have the right cybersecurity procedures in place. charles: lou: your analysts have looked at sony, the way it appears that it was carried out. what are your conclusions? what are your thoughts on the nature of the attack, the sophistication and the capability of those engineering the attack? >> from what we have read, the attack appears, it is not as complex as we thought. my guys were impre

it sounds crazy hiring a cybersecurity team.y not a bad idea to get someone to give you tips you don't think about. >> they just brought up something i didn't realize about people know your location. some of those settings, i don't have any idea how to get those settings right. and to think they have six kids to try to monitor? >> that's a whole lot of monitoring going on. good for them. i like to hear that. >>> coming up, oprah. she does it all. she's the force behind the new movie "selma." we'll go behind the scenes with her next. you're watching "world news now." >> announcer: "world news now" continues after t s ♪ >>> with police under scrutiny and racial injustice in the spotlight, a new movie is bringing the original march to freedom to the big screen. >> one of the film's producers is a woman named oprah. she talked to abc's robin roberts. we're "up all nightline" with a look behind "selma." >> i'm just here trying to register to vote. >> reporter: that's oprah as annie lee cooper. >> you know what a preamble is? >> repor

however norris a cybersecurity company based in san mateo says north korea entered the picture after6 others hacked sony including laid off employee who used the code name lean 8. at least o tie to critical knowledge of soapy systems. i p addresses. credential et cetera. and also had motive for being if what i would say would be upset with sony. >> she was laid off last spring. norris doesn't know if the hacker stole the stolen data but they changed the demand of sony. >> first demand that came from the attackers was a ransom demand. it was nothing around the interview so it was one to two week post december 2nd so call it early to mid december. when north korea tack advantage of the situation. >> fbi standby its original situations that north korea was responsible for the attack. >> however agents did sit down with norris employee to review the independent investigation another silicon valley cybersecurity firm in san jose also believes the fbi may have pointed the finger too quickly at north korea. ceo said high level hacker hide the track leaving no finger presence!presents presen

and congress approved several smaller cybersecurity bills that the president signed at year end here. but companies plan to push the next congress to approve a more sweeping bill that allows information sharing by the government and among firms. >> the government has the various intelligence apparatus that industry does not have. so it really does have to be a collaboration. >> but companies want to make sure that private customer information is protected in any legislation. cheryl? cheryl: a lot for them to chew on when they come back to work in january. peter barnes in washington. >>> closing bell going to ring, 42 minutes to go. the nfl black monday darker this year. three times have fired head coaches. who will replace them? and any other coaches at risk of losing jobs. nfl great joe theismann and peter schrager are going to break it down. >>> sony may have broken the online record, take a look who won the box office in studios. there you go! closing bell will be right back. in my world, wall isn't a street... return on investment isn't the only return i'm looking forward to. for

kraft, new high, new ceo, and cybersecurity stocks on the heels of everything going on with sony.saw a few of those looking good as well. back to you, charles. charles: all right, nicole, thanks a lot. we will talk about those cybersecurity stocks later, but first, hillary kramer's back, a and g capital president and chief investment officer. i note when you come back -- i notice when you come back, the market's up. tim frischling's back, president of new oak capital. scotty nell hughes and hawaii that herzog. let's dig into the first real, real deal. the market follows up the best session in the year with an even better session. i do love it, okay? i know a lot of you guys who are short are out there whining and complaining. too bad. now, i've really got to be honest, i don't like the term santa claus rally because there's no doubt while traders did love what janet yellen did yesterday, the bottom line is that this has been coming for a long time. this is not new. and there are some other factors driving this market. we're going to discuss them tonight. but i think one of the mor

meantime, at least two cybersecurity firms are raising new doubts whether north korea was behind the recent hack on sony pictures. here's brian todd. >> the forensic trail of the sony hack, it's mysterious, difficult to follow and now is sparking increasing doubt over the fbi's belief that hackers working for north korea are responsible. >> it's clear to us based on both forensic and other evidence that we've collected that unequivocally, they are not responsible for orchestrating or initiating the attack on sony. >> sam klein's cybersecurity form norse did its own investigation of the sony hack. norse and another leading security firm called cloud flair raise serious questions about the fbi's claim that the malaware used in the attack is similar to malaware used in other attacks by north korea. these firms say that malaware was leaked a long time ago and could have been used by hackers anywhere in the world. previously u.s. investigators said they have evidence hackers stole the computer credentials of a sony insider but norse believes it was given out and they track the attack to o

how much is the issue of cybersecurity the front of mind for the president? >> quite a bit. i think anybody that studied security threats not just in the last year but, say, in the last five to seven years would put something like this at -- at one of the top two or three on top of a list, partly because, you know, it's the type of action that both a country and a non-state actor can take -- it can have a crippling effect. you know, you can do it. you don't have to, say, have an army to do it. you don't have to have a series of weapons to do it but you can still bring about great harm and most importantly great disturbance to the commerce of the country. i think that cybersecurity has been at top of mind and has been for those in the security business both in the private sector and the government for quite some time. >> i would be remiss if i did not point out that the president called on female journalists. if he only called on male journalists we would not talk about this. did you know about this? and robert i'm going to ask you as weapon. what went on, peter? >> i didn't

joining me to talk about this is a cybersecurity expert and former vice president of worldwide internet the motion picture association of america. thanks for joining us. weeks ago you said this was likely a combination of hackers on the outside working with somebody on the inside. what led you to that conclusion almost a month ago and were you surprised when the white house so directly fingered north korea? >> well just even a month ago when this first happened immediate type of information coming out wreaked of what i call a crime of passion or a crime of vengeance. and one of the best things about crimes of passion or vengeance is they leave a sloppy crime scene. one of the things that was coming out of this is the information that was being leaked. the e-mails, for example, were the types of e-mails only a true hollywood insider would be aware of are the kind that would cause embarrassment to the company or for that matter to the industry. not something that i think somebody like a north korea or some other foreign nation state would even have the knowledge or the ability to figure t

but even if you don't have some sort of interaction with dhs or interactions with the cybersecurity firm and others, there is a plethora that are very good and kraut strike and others that can help you think through and make sure that you have your plans in place and you can execute on a response of a recovery plan. all of these are aspects that are important. the most important is that companies respond proactively and aggressively to cyberintrusion. soon after they have a choice whether or not to cooperate? >> there is always a choice in that matter. sometimes i would say that for those that are in critical infrastructure we might be a little bit more interested in pushing in some cases and there is always a choice. >> any last questions for you before we go to the cybersecurity? it is a problem that my company can manage or would it be a bigger problem than my company can manage two just before we go to questions, politically this is an interesting issue and we have the democrats and republicans and there are elements that are very reluctant with privacy concerns to push this through.

and maybe that ought to be one of the primary focuses of cybersecurity policy, and not treating it asa cybercrime problem. >> let me turn to instances that keep us for the moment on sort of often subside and away from the defensive side for a moment, which is the microsoft case in the second circuit and the proposed rule change which i think was sparked by department of justice to rule 41. so, lee, you want to give us a brief overview of just the microsoft issues and then your perspective on it? kevin, do you want to do same with respect to rule 41 issue, then we will have a discussion because i'm sure it will spark disagreement, which is always helpful. helpful. >> sure. i'll try to be super -- is easy for me to be over simplistic so i would just do the. the microsoft case, a lot of people have written about and talked about it, but basically it's a question about what does a u.s. provider do, or what can the government do with respect to a u.s. provider who is storing customer data, that is, the content in the e-mail account, oversees the? the primary legal regime in the united stat

companies need to take cybersecurity seriously but in a different way than sony approached it.s is a company that's been repeatedly hacked going back to at least 2005. the point is, once you get inside the network, you can't have open access to anything and everything they've been posting everything from confidential e-mails to financial information to scripts. this stuff they shouldn't have gotten the keys to the kingdom when they were on the inside and that's bad cybersecurity and response to it is you can either -- the british mentality of keep calm and carry on or you can react with hysteria and then fold like a cheap card table. we've chosen category two. which of these responses incentivizes more attackers to come after you? >> the million dollar question and problem. peter singer, thank you so much. >>> just ahead, president obama's agenda here on a winning streak in the weeks since his party was crushed in the mid terms. what's next in the final quarter in office and a surprising deal with cuba getting reaction from both sides. we'll get personal. i'll speak live with s

and the cybersecurity community also helped. my company tried to assist them.is an unprecedented home invasion that occurred to sony. >> for example, with your company, if you can say. i know, a lot is guarded. what kind of assistance were you able to provide? >> well, most of the security vendors that have been trying to assist sony in the circumstances were analyzing the code itself. trying to figure out who wrote the code, what the code could do to the systems. the code, you have understand was destroying i.t. infrastructure. the burglars were just burglarizing the house but setting it on fire. >> when you say that and you hear the president say this is essentially cyber vandalism and compared to what you said usa "today" my greatest fear it's essentially outlines for terrorists as well as criminals that nation states how to go about destroying the brand of an organization. destroying, to me, is not vand vising as the president put it. what is the disconnect here, if there is one with the administration and perhaps the severity of this? >> i think the presid

agents spent over two hours meeting with representatives from a silicon valley cybersecurity firm. the senior vice. of the company says north korea was used as a decoy bihacers -- by hackers. >> did they direct, initiate or mastermind the attack? we still don't have any evidence that leads us to believe that. >> reporter: the company did find evidence that points to a recently laid off-seasony employee. >> ex-employees at sony got in contact with other individuals on the internet that had a chip on their shoulder about sony's practices and antipiracy efforts. >> reporter: the firm says cryptic evidence in the malware used to attack sony led them to four people who are not being identified. cbs news first reported the evidence last week. >> hello, north korea. >> reporter: the f.b.i. has said north korea hacked sony because of the movie "the interview." federal authorities won't comment further saying the sony case is an open investigation. don champion for cbs news, new york. >>> 6:146789 here's another look -- 6:14. here's another look at our facebook question of the morning. what

businesses are way behind on cybersecurity.o we're bringing in richard bates, fireeye security strategy. fireeye is responsible for discovering and pinpointing many of these attacks. right off the bat, richard, where are the most recent ones coming from? can you figure that much out so far? >> well, liz, there is a whole range of bad actors out there. we continue to see activity from china. we continue to see activity from russia. north korea has been an active participant in this sort of stuff in the past and they apparently are very active now. we also see iran. so you have quite a collection of rogues there. david: suspicion about north korea, because this one film sony had coming out was about north korea, in fact specifically about somebody targeting north korea's leader, that they had a bone to pick with sony and really went after it directly. it wasn't about getting financial information. it was about trying to screw up sony. anymore news on north korea and its attack on sony? >> well, dave, the fbi warning that you ment

cybersecurity that we define as threats in cyberspace for cybercrime, attacks over computer networks that damage physical infrastructure like power grid or to disable the water utilities but the risk of these attacks has topped the list of global threats. every year it is a big thing that keeps people up that night and cyberthreat is that the top. and the new fbi director formerly the deputy attorney general said the risk of cyberattacks and a related risk of cybercrime is the most significant national security threat over the next decade and putting that at the top of the list above terrorism. and testifying before congress that cyberattacks are costing hundreds of billions of dollars u.s. companies and multiple foreign governments have already probe the systems that regulate the power grid it is not theoretical but a truly significant catastrophic failure well occur if we do not take action. how did we get to this point rawl officials tell us the risk of a catastrophic cyber attack and espionage is what we should be most worried about and what does that mean for all of us that exis

let's -- we were just talking about the movie, "the interview," with a cybersecurity expert.ne that software in 2015, everything we're going to talk about at least in the first quarter is going to be centered around security, or is something else coming our way? >> exactly. it's got, this korean thing has a lot of companies scared half to death. we're rethinking e-mail, exactly what you put into e-mail. but, yeah, this breach at sony has got the security firms scrambling. watch intel mcafee, that's the only from this down into the process and into hardware, and it's right now almost impossible to get around their technology as the result. that put them in a really good position going forward. adam: and is that a position for e-mail? we have had different guests talking about text messaging encrypted at the source and at the final destination whereas we mail, it's not as secure because you can screen grab the e-mail, or is there something that's going to surprise us? >> this keeps you from getting the breach in the first place. remember, they got into sony. they dumped everyth

>> well, the cybersecurity experts reverse the hack, basically. they start tracking through cybermethods exactly how many countries and how many other networks were hijacked to lead to sony. it's not a direct attack from north korea. north korea could have hijacked networks in china or thailand and france. that could have hijacked other networks in other parts of the world, eventually leading to sony burrowing in worms or other malware and then it could have stayed silent for a while, collecting information, and been activated in terms of allowing sony to realize it, at a time that they chose. >> but, colonel, an isolated country, like north korea do this or reach out to someone to do it? because i heard someone say, oh, all you need is a keyboard. i mean, that's frightening. >> it is frightening, and it points out the fact that in this environment, in which everybody's data is at risk, just about anybody can attack you. so is this terrorism? are we in the middle of a war? i think that lots and lots of things are a danger. we've seen lots of insta

companies plan to push the next congress to approve more sweeping cybersecurity bill that allows morehe government and monk firms but companies want to be sure customer information is protected in any legislation that congress approves. >> don't share my information. gerri: not with washington. thank you, peter. david: thanks, peter. >> you bet. gerri: one of those hack attacks we saw a few days ago when a group called "lizard squad" hit xbox live and a playstation on christmas day resulted in people unable to play their games and a lot of disappointed kids. david: imagine getting that for christmas and not playing. fox news's matt king has more on the group behind the attacks. >> you wake up christmas morning expecting to play online and server down. >> they emerged from their upper east side gamer gauge sunday to buy a new controller for ps 3. >> fifa 15. all the new games to go online. >> on the christmas day the two properties never made it online to play with new presents. thanks to hackers calling themselves "lizard squad" who blocked access for 160 million users of xbox live an

lou: the cybersecurity company norse is in charge of the investigation of the cyberattack but investigation indicates the attack was executed by a combination of one disgruntled former sony employee and five professional hackers employed by cybercriminals and pirates. security analysts are split whether norse or the fbi is right. the federal government could have access to information private companies don't and perhaps vice versa. >>> the obama administration is denying a report it's proposing a prisoner swap with iran in exchange for a former u.s. marine. the attorney for former marine said the united states sought his release through a prisoner exchange. the u.s. state department spokesman says not true. he was arrested more than three years ago in iran, convicted of spying for the cia, a charge his relatives and the u.s. government denies. >>> we're coming right back. stay with us. >>> new york's mayor bill de blasio meets privately with police union leaders. wait a minute. private? then why do we been it? we'll ta . lou: new york city mayor de blasio met with the heads of police unions

. >> there are other cybersecurity companies.ffers cyberart from checkpoint which is well established on the u.s. market and others like palo alto that are doing pretty well now? >> we feel we are the best of both worlds. customers in over 65 countries. in terms of what we do, we're focusing on the inside. some of the companies you mentioned are focused on perimeter security. how do we keep the bad guys outside. we protect them on the inside very hard for them to move around and get to the critical assets that they are going after. >> privileged accounts security? >> there seems to be a lot of demand now. you raised your guidance almost three-fold. what is underpinning the growth now? for us owth drivers have been constant. companies' growing awareness on the fact that breaches are getting more and more sophisticated and are making it on the inside. it is a whole new approach to security. we have a proven security to make that happen. tection of attacks that make it to the inside. >> this week we're talking a lot about sony and t

that's got to be -- there are cybersecurity companies around the world now whose business is going wayorations everywhere are turning to them for more security. >> you know, bobby, the problem the u.s. has now is if the u.s. doesn't respond, it potentially could encourage others to continue these kinds of cyberattacks. >> yes. and people will be looking for a u.s. response. i fear, as i've said before, that there is not a quick response available. this is a country that we've already tightened lots of sanctions around -- >> hold on, bobby. here's the president. >> hello, everybody. i really got a full house today, huh? all i want for christmas is to take your questions, but first let me say a little bit about this year. in last year's final press conference, i said that 2014 would be a year of action and would be a breakthrough year for america. it has been. yes, there were crises that we had to tackle around the world. many that were unanticipated. we have more work to do to make sure our economy, our justice system, and our government work not just for the few but for the many. but t

it's really where they sit on next generation, cybersecurity. they believe have the best security technology out there. it would fit four large large player give p where they've going in the next data center and it comes down to their core technology for a tech network. they're as good as any out there. and big data is really fuelling the engine here. look at this i.t. spending, you see more and more spending on the top rows. you definite -- and there is a thing where a lot of these large tech players like the ibms, they need to growth they need to build the data center and that's where the top would fit in with ibm. it's been right on tier one acquisition. . would fit the bill. the ownership has been discussed, but they need to significantly step up on the choud. that's going to be heated. that success in 2015. how confident are fou in these take outcandidates. buying a stock is usually a terrible strategy. now and dr. j has noticed high call rl volume in best buy. >> we talk over and over again about how there is the christmas shopping season,

can foster the development of a cybersecurity work force and d.h.s. can improve its cape to believe the review and -- recruit and retain cybersecurity talent. the legislation i introduced sought to address a number of the task force's key recommendations as does this bill, s. 1691. cybersecurity is a complex mission for the department and requires a wide range of talent at all levels. given the urgent nature of the d.h.s. recruitment efforts, it's essential that the department have at its disposal certain hiring authorities and training procedures in place. before i close, i'd like to acknowledge that there's a lot of interest on our side of the aisle to make progress on cybersecurity. hopefully in the coming days, old jurisdictional squabbles can be laid aside for the betterment of the country, as was done on this bill. and again the oversight committee can work with the homeland security committee to bring forth critical cybersecurity legislation. we need to put in place legislation to advance the ball with respect to protecting federal civilian net

cybersecurity is a misnomer. it is cyberdetection. they are going to get in and do some damage.ection is the key. i don't think you can prevent it. what happens after the fact? employees need to the duty. ceos, the latest data shows mergers and acquisitions, ceos at that level of communication is being stolen. dave: let me be specific. of my computer senses an attack, some kind of software that sense is that you immediately shut it down? >> they have software to overwrite the alarm system so you will not be alerted that something might be going on. dave: nothing we can do? >> there is nothing we can do. dave: that is a sober analysis. good to see you. president obama may finally have a plan to save the planet. a federal takeover of our electrical grid. we all know how well federalization of our health-care system worked out so what could possibly go wrong with this? a dry mouth can be a common side effect. that's why there's biotene. it comes in oral rinse, spray or gel, so there's moisturizing relief for everyone. biotene, for people who suffer from a dry mouth. and cialis for

they now say it is north korea and that was behind this and this cybersecurity stuff is a hot topic onome, around the world obviously. john: thank you. uber agreeing to suspend service in portland, ore. for three month while regulators work to revise the taxi rules there. have you soon uber? >> they have only been around since 2009. john: what is slowing you down? >> they have not done anything wrong yet. i am amazed at the portland store. uber is in 200 counties--countries right now. over 200 cities and portland does not have their regulations written in such a way that uber can properly do what they do. john: regulators can pass laws about food safety, but what this looks like is they are passing laws that say we are going to protect the taxi industry. you can't do with that. >> they have already done it. there are limited numbers of people who can drive taxis and they keep a lid on that and they need a certain type of license to do it and allow limo services to exist but that is under a specific thing. regulations for uber type service. john: they are protecting an industry. >> repu

it's a little late. >> senator mccain is talking about we can institute some kind of cybersecurity committeeas part of the subsection of armed services. i think there are going to be things that happen on capitol hill. but you're right. this is how washington functions. it's not a problem until it's an emergency. >> tay with us. we have much more to talk about. but right now george clooney, the hollywood superstar, saying he knows why stony stood alone. clooney telling deadline.com he tried to get major hollywood players to sign a petition in favor of sony and no one would do it. deadline.com legal editor dominic patton. what did george clooney try to do and what happened? >> george clooney and his agent brian lord when all this started, greta, they really saw this -- this was a water 14ed moment for hollywood and they thought what needed to be happening is people needed to stand up with sony against cyberterrorists. so they put together a petition that basically said we need to stand together, we don't need to stand in fear. george clooney couldn't get anyone significant to soin ign . they

oning isment of the market that's -- one segment that's jumping as a result of north korea, cybersecurity stocks. names like fireeye and proofpoint enjoying a second day of moves. we will also hear from gary steele after the bell in a fox business exclusive. it's the last day of trading, day three of a rally? let's start the "countdown". ♪ ♪ liz: breaking news, we've got a lot of it right now on sony. president obama not cutting the film company any slack, saying it's a mistake the movie company pulled that movie, "the interview," the satire on north korea. peter barnes live at the white house and, peter, it started this morning. you were at the press conference this afternoon, but before that the fbi came out and said categorically it's north korea. let's talk about the response that we expect. >> well, liz, the president was asked about a response and, of course, some of the options could be a counterattack militarily, a cyber counterattack, additional sanctions. but the president declined to be specific saying he's not going to announce his next steps from the podium. here's what he sa

but cybersecurity is a growing threat. broadly we've seen it from other countries.s something that we work with the private sector on and it will continue to be a big issue for this administration. >> americans were threatened by these same hackers and they wreaked havoc on sony's hardware and the operations of a major company in this country. is it cyberterrorism? if not, what does one have to do in order to be considered cyberterrorists? >> i don't think there's a benefit to putting new labels on it. it's a cyberhack. we're discussing a range of options. the fact is, there are private sector companies that have been hacked by a range of sources. the government was recently hacked and this is something that we take very seriously and we're having ongoing discussions about how to address. >> how concerned is the obama administration about the precedent being set here? a movie is put out, if other country's leaders don't like it, the company is hacked, americans are threatened and basically at the end of the day the american people blink, the united states backs down

you are seeing strange cybersecurity plays new cybercrime bedfellows.gerri: i'm glad you brought up the xbox and playstation, denial of service attacks so people don't lose personal information, you can'tutes product, right? >> glad you brought up that. sometimes a d-s do is distributed denial of service, inconvenience. other times it is used as a smoke screen a ruse to get the security team to rush to one part of the network while they go in the side door. we've seen that with the banking industry finding out money was missing in the wires department while a d-dos was going on. gerri: are you saying that's what happened with the xbox situation? >> you better check and make sure nothing is amiss, don't write this off as simple d-dos. gerri: what is your recommendation to people individuals who have small businesses tonight. >> find a security company can you reach out and touch and have them hack you. have a third party group hack you, and can you do this on the smallest of budgets and tell you where your vulnerabilities are. second, as a consumer, as a