[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Washinton Post zum neuen Cyber-Threat Warning System
Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
U.S. to Issue Cyber-Threat Warnings
By Jonathan Krim
Washington Post Staff Writer
Wednesday, January 28, 2004; 9:15 AM
The federal government today announced a new, centralized system for
alerting the country to threats to computer systems, from business and
government networks to consumers' home machines.
The alert system, unveiled by the cybersecurity division of the
Department
of Homeland Security, will be a clearinghouse of information on hacking,
viruses, worms and other forms of cyberterrorism. It will also be a
place
for consumers to learn about vulnerabilities to their systems, and what
to
do about them.
"We are focused on making the threats and recommended actions easier for
all
computer users to understand, prioritize and act upon," said Amit Yoran,
the
director of the cybersecurity division.
The move aims to make the government the trusted source of
computer-security
information, which currently is disseminated by a variety of corporate,
research, government and quasi-public organizations.
Cyber-threats to national infrastructure, for example, have been the
purview
of the old National Infrastructure Protection Center, which was housed
under
the FBI until the Homeland Security department was formed.
Several companies and research institutions have Web sites that track
virus,
worm and other threats round-the-clock, with many of them offering
programming solutions to network operators so they can fend off
particular
attacks. And many firms sell consumers various wares for protecting
their
home systems while providing security information.
But Yoran said it important that such information come from a neutral
source.
"The vendor community is focused on sales as well as on protecting their
clients," said Yoran, who recently took over the division after working
at
Symantec Corp., which sells Norton anti-virus and other security
products.
"Coming from the U.S. government, the focus is solely on the public
interest."
John Pescatore, a computer-security analyst for the research and
consulting
firm Gartner Inc., said that it is especially important for consumers to
have a place to go that is not aimed at selling products.
Unlike the wealth of information that is available for companies,
"there's
not a lot that is unfiltered for consumers," he said.
Computer users will be able to sign up at the division's Web site,
www.us-cert.gov, for regular newsletters, tips and other information.
Alan Paller, head of the SANS Institute in Bethesda, a computer-security
research facility, said he sees value in the government being the
authority
on identifying and tracking cyber-threats and vulnerabilities.
"The model is the National Weather Service," which collects primary
weather
data, said Paller. "Everyone else is an interpreter." With
cyber-security
information, Paller said, "everyone is a collector. That model is
wrong."
Because the government also has resources at the Defense Department and
coordinates with industry groups that share data, Paller said, "they
have
access to data a little earlier. If they will tell people earlier, that
will
make a difference."
Currently, several cyber-security companies race to be the first to put
out
alerts and suggest technical fixes.
At a Web site called the Internet Storm Center, SANS tracks
cyber-attacks
and threats, but Paller said he "wouldn't mind" if Yoran's team took on
that
task.
Paller and Pescatore agreed that providing the public with more
information
is a first step toward diminishing the frequency and severity of
cyber-attacks, such as the MyDoom worm that currently is crippling many
computer systems.
The cyber-security division is currently working with industry trade
groups
in formulating other strategies, as well as working on its own next
steps.
---------------------------------------------------------------
Liste verlassen:
Mail an infowar -
de-request -!
- infopeace -
de mit "unsubscribe" im Text.