|
U.S. to Issue
Cyber-Threat Warnings
By Jonathan Krim
Washington Post Staff Writer
Wednesday, January 28, 2004; 9:15 AM
The federal government today announced a new,
centralized system for alerting the country to threats
to computer systems, from business and government
networks to consumers' home machines.
The alert system, unveiled by the cybersecurity
division of the Department of Homeland Security, will
be a clearinghouse of information on hacking, viruses,
worms and other forms of cyberterrorism. It will also
be a place for consumers to learn about
vulnerabilities to their systems, and what to do about
them.
"We are focused on making the threats and recommended
actions easier for all computer users to understand,
prioritize and act upon," said Amit Yoran, the
director of the cybersecurity division.
The move aims to make the government the trusted
source of computer-security information, which
currently is disseminated by a variety of corporate,
research, government and quasi-public organizations.
Cyber-threats to national infrastructure, for example,
have been the purview of the old National
Infrastructure Protection Center, which was housed
under the FBI until the Homeland Security department
was formed.
Several companies and research institutions have Web
sites that track virus, worm and other threats
round-the-clock, with many of them offering
programming solutions to network operators so they can
fend off particular attacks. And many firms sell
consumers various wares for protecting their home
systems while providing security information.
But Yoran said it important that such information come
from a neutral source.
"The vendor community is focused on sales as well as
on protecting their clients," said Yoran, who recently
took over the division after working at Symantec
Corp., which sells Norton anti-virus and other
security products. "Coming from the U.S. government,
the focus is solely on the public interest."
John Pescatore, a computer-security analyst for the
research and consulting firm Gartner Inc., said that
it is especially important for consumers to have a
place to go that is not aimed at selling products.
Unlike the wealth of information that is available for
companies, "there's not a lot that is unfiltered for
consumers," he said.
Computer users will be able to sign up at the
division's Web site, www.us-cert.gov, for regular
newsletters, tips and other information.
Alan Paller, head of the SANS Institute in Bethesda, a
computer-security research facility, said he sees
value in the government being the authority on
identifying and tracking cyber-threats and
vulnerabilities.
"The model is the National Weather Service," which
collects primary weather data, said Paller. "Everyone
else is an interpreter." With cyber-security
information, Paller said, "everyone is a collector.
That model is wrong."
Because the government also has resources at the
Defense Department and coordinates with industry
groups that share data, Paller said, "they have access
to data a little earlier. If they will tell people
earlier, that will make a difference."
Currently, several cyber-security companies race to be
the first to put out alerts and suggest technical
fixes.
At a Web site called the Internet Storm Center, SANS
tracks cyber-attacks and threats, but Paller said he "wouldn't
mind" if Yoran's team took on that task.
Paller and Pescatore agreed that providing the public
with more information is a first step toward
diminishing the frequency and severity of
cyber-attacks, such as the MyDoom worm that currently
is crippling many computer systems.
The cyber-security division is currently working with
industry trade groups in formulating other strategies,
as well as working on its own next steps.
© 2004 The Washington Post Company
|
