DHS Launches Alert System

The Department of Homeland Security has launched a National Cyber Alert System.

The Department of Homeland Security has launched a National Cyber Alert System to provide information on Internet threats to both the technical community and end users. While major network operators work extensively with the government to mitigate network threats, home users and small businesses are seen as a vulnerability to the nations cyber-infrastructure.

The information will be distributed via e-mail in two ways. First, on an event-driven basis, it will deliver advice on how to protect systems from viruses, worms and other attacks. Second, DHS will send out periodic guidance on taking precautions to protect systems before they fall victim to attacks, said Amit Yoran, director of the National Cyber Security Division at DHS, in Washington.

DHS is working with Symantec Corp. and other private organizations, linking a number of computer systems in several locations, Yoran said upon unveiling the alert system last week. He would not disclose the names of all the private organizations involved in the effort, but he said the department plans to expand the roster.

"Our cyber-alert system is not intended to compete with the private sector," Yoran said. "This alert system is complementary to those mechanisms in the private sector."

The initiative will seek to measure threats based on a variety of criteria and determine the kind of information that is most appropriate for distribution on a national level. Measurement criteria include a threats impact on infrastructure, its impact on national security, how widespread it is and how actively it is exploited, Yoran said.

The system focuses on education, prioritization and awareness, and it will warn not only of attacks but also of computer fraud, Yoran said.

While most enterprises and large organizations have access to a host of sources on network threats, some say the federal initiative will help small businesses, which may not be up-to-date on the variety of available sources.

"I dont think this will give us anything we dont have, but for smaller organizations it will be helpful as they may not be aware of the current resources available to report security incidents," said Jon Snyder, senior network engineer at Portland State University, in Oregon. "Bugtraq, CERT, incidents.org, etc. already provide most of this information, so I dont think it will change things for us."