Can the Feds Fight Viruses?

The U.S. federal government will join a gaggle of antivirus companies and public-private groups in warning citizens about virus outbreaks such as the recent Mydoom e-mail worm and other online threats, according to the Department of Homeland Security (DHS).

The DHS unveiled a new National Cyber Alert System, which will use e-mail warnings and bulletins to provide U.S. citizens and others with timely information on warnings about virus outbreaks, online scams, computer software vulnerabilities, and advice on computer security best practices, the agency says.

Get the Message

The alerts will come in two forms: one for computer security experts and the technical community, and one for nontechnical computer and Internet users. Individuals can sign up to receive the alert by visiting the U.S. Computer Emergency Readiness Team site, says Amit Yoran, director of the National Cyber Security Division within the DHS.

The agency will also e-mail bulletins to subscribers summarizing software patches and workarounds, for technical audiences, and provide cybersecurity tips for nontechnical computer users.

"The strategy is to provide people with periodic pieces of information that they can use to better secure their systems ... before they fall victims to viruses and worms," Yoran says.

"We want to move beyond simple response and alert and take a more proactive stance as we implement a national strategy," he says.

Computer owners who secure their machines help ensure that those PCs could not be used in large-scale cyberattacks as "weapons against their country," Yoran says.

Too Much Information?

In a phone conference with reporters, Yoran, a former Symantec executive, faced persistent questioning about whether the DHS alert system would further complicate a warning system already crowded with the voices of antivirus companies and other computer security groups. The National Cyber Alert System would be complementary to private sector alert systems, such as those offered by Symantec and Network Associates' McAfee antivirus division, he says.

When asked whether the DHS would step in to coordinate the activities of those companies and prevent confusion, such as the jumble of different names that are often applied to the same Internet virus or worm, Yoran says that the agency would "look at that and determine if there is a role for DHS."

The new alert system is building on expertise the DHS already has, Yoran says.

Through its U.S. Computer Emergency Readiness Team, the DHS already identifies and tracks more than 30 computer threats each day. The new alert system is just a way to release some of that information to the public and to tie it to an overall national cybersecurity picture, he says.

Making Changes

One of the biggest jobs facing the alert system is coordinating the public organizations and government bodies that already track cybersecurity, he says.

Among other things, the DHS is looking to make changes at the CERT Coordination Center at Carnegie Mellon University in Pittsburgh, Yoran says.

"We're trying to take the CERT Coordination Center advisory system...and evolve it into what we think will better address the national need," he says.

CERT may be pushed to cover more topics and to increase the "timeliness" of its public advisories, he says.

In opening comments, Frank Libutti, the DHS Under Secretary for Information Analysis and Infrastructure Protection, celebrated the new cyberalert system as an example of the public-private partnership model championed in the Bush administration's "National Strategy to Secure Cyberspace."

In his own comments, Yoran was careful to say that the National Cyber Alert System was the first step in an evolving alert system. In time, the federal government may step in to fill gaps in the services from private companies.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon