DHS unveils cybersecurity warning system

The U.S. federal government will join a gaggle of antivirus companies and public-private groups in warning citizens about virus outbreaks such as the recent Mydoom e-mail worm and other online threats, according to the Department of Homeland Security (DHS).

DHS unveiled a new National Cyber Alert System, which will use e-mail warnings and bulletins to provide U.S. citizens and others with timely information on warnings about virus outbreaks, online scams, computer software vulnerabilities and advice on computer security best practices, the agency said Wednesday.

The alerts will come in two forms: one for computer security experts and the technical community, and one for nontechnical computer and Internet users. Individuals can sign up to receive the alert by visiting the U.S. Computer Emergency Readiness Team, or US-CERT, said Amit Yoran, director of the National Cyber Security Division within DHS. (http://www.us-cert.gov)

The agency will also e-mail bulletins to subscribers summarizing software patches and workarounds, for technical audiences, and provide cybersecurity tips for nontechnical computer users.

“The strategy is to provide people with periodic pieces of information that they can use to better secure their systems…before they fall victims to viruses and worms,” Yoran said.

“We want to move beyond simple response and alert and take a more proactive stance as we implement a national strategy,” he said

Computer owners who secure their machines help ensure that those PCs could not be used in large-scale cyberattacks as “weapons against their country,” Yoran said.

In a phone conference with reporters, Yoran, a former Symantec Corp. executive, faced persistent questioning about whether the DHS alert system would further complicate a warning system already crowded with the voices of antivirus companies and other computer security groups. The National Cyber Alert System would be complementary to private sector alert systems, such as those offered by Symantec and Network Associates Inc.’s McAfee antivirus division, he said.

When asked whether DHS would step in to coordinate the activities of those companies and prevent confusion, such as the jumble of different names that are often applied to the same Internet virus or worm, Yoran said that the agency would “look at that and determine if there is a role for DHS.”

The new alert system is building on expertise DHS already has, Yoran said.

Through its U.S. Computer Emergency Readiness Team (US-CERT), DHS already identifies and tracks more than 30 computer threats each day. The new alert system is just a way to release some of that information to the public and to tie it to an overall national cybersecurity picture, he said.

One of the biggest jobs facing the alert system is coordinating the public organizations and government bodies that already track cybersecurity, he said.

Among other things, DHS is looking to make changes at the CERT Coordination Center at Carnegie Mellon University in Pittsburgh, Yoran said.

“We’re trying to take the CERT Coordination Center advisory system…and evolve it into what we think will better address the national need,” he said.

CERT may be pushed to cover more topics and to increase the “timeliness” of its public advisories, he said.

In opening comments, Frank Libutti, DHS Under Secretary for Information Analysis and Infrastructure Protection, celebrated the new cyberalert system as an example of the public-private partnership model championed in the Bush administration’s “National Strategy to Secure Cyberspace.”

In his own comments, Yoran was careful to say that the National Cyber Alert System was the first step in an evolving alert system. In time, the federal government may step in to fill gaps in the services from private companies.