Feds set up cyberfighting group

[InfoSec News <isn () c4i org>]

http://news.com.com/2100-1002_3-5076745.html

By John Borland 
Staff Writer, CNET News.com
September 15, 2003

The U.S. Department of Homeland Security is teaming up with the Net's
top virus-tracking facility to create an organization to fight
cyberbugs.

The federal body said Monday that it was partnering with Carnegie
Mellon University's CERT Coordination Center to create a new group
that would work to prevent, monitor and respond to "cyberattacks"  
across the Internet. The new US-CERT group is expected to focus on
giving companies, digital security groups, federal agencies and others
a venue for sharing critical information about security issues.

"The recent cyberattacks--such as the Blaster worm and the Sobig
virus--highlight the urgent need for an enhanced computer emergency
response program that coordinates national efforts to cyberincidents
and attacks," DHS Secretary Tom Ridge said in a statement.

The new organization hopes to jump-start communication between
companies, security researchers, networks and other entities affected
by digital security problems, many of which have historically been
loath to share detailed information on break-ins by hackers, software
vulnerabilities or other security problems.

A forum that allows those entities to talk directly to each other, as
opposed to sharing bits of information through a central
clearinghouse, has been slow to emerge--despite being long-viewed by
security experts as one of the most critical needs of a computing
community racing to keep up with virus-writers and mutating computer
worms.

"Today most of the interaction between organizations is informal,
happening on an ad-hoc basis," said Jeffrey Carpenter, manager of the
Carnegie Mellon CERT center. "But I think organizations are coming to
realize that they have to work together on this problem. We're much
more powerful together than individually."

Monday's announcement served primarily as notice to the security
community that the new US-CERT would be soliciting participation from
critical network-watchers and vulnerability-trackers, ranging from
government organizations to Internet service providers.

Carpenter said the new organization will likely spend the next few
months signing up those partners, both in the United States and
overseas, that can best provide insight into the current state of
network vulnerabilities.

Carnegie Mellon's CERT center, formed after the Morris worm attack in
1988 as a clearinghouse for ongoing security bulletins and
vulnerability information, has come closest to this goal to date.  
Funded by the U.S. Department of Defense, it has played a key role in
distributing information about virulent digital infections such as the
recent MSBlast worm and the Sobig viruses.

CERT has come under criticism from some in the security community for
providing information about dangerous security issues first to the
organizations that fund it, before releasing the same information to
the community at large. Some technology professionals have recently
said they now rely more heavily on the FBI-backed National
Infrastructure Protection Center (NIPC).

CERT itself will continue to operate as a clearinghouse for
information on viruses, worms and other security issues, while the new
body will act as a forum for direct discussion and
information-sharing.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.