How It Works

How US-CERT gets the word out

Shutterstock image (by Pavel Ignatov): Alert icon.

(Pavel Ignatov / Shutterstock)

When a major vulnerability hits the Web, it is the U.S. Computer Emergency Readiness Team’s job to sound the alarm as quickly and effectively as possible. And given Heartbleed, Shellshock and other menacing revelations, US-CERT has had plenty of clamoring to do in the past year or so.

Internet users can subscribe to four separate US-CERT mailing lists, with “alerts” being the most urgent. Those alerts often include descriptions that are not overly technical so that a non-geek can understand them and take remedial security steps.

For instance, the alert for Heartbleed, the OpenSSL flaw discovered in April 2014, states: “This flaw allows a remote attacker to retrieve private memory of an application that uses the vulnerable OpenSSL library in chunks of 64K at a time.”

More from FCW

FCW Magazine (June 30, 2015)

To view the print version of this article, and the rest of FCW's "How it Works" package, please see our digital edition.

Users can rate the helpfulness of the alert as “yes,” “no” or “somewhat” at the bottom of each update. That feedback is presumably factored into how future alerts are crafted.

Although US-CERT is one of the main disseminators of threat information, it does not work alone. As part of the Department of Homeland Security’s National Cybersecurity and Communications Integration Center, the team has tapped the FBI, the Financial Services Information Sharing and Analysis Center, trusted private firms and a Canadian cyber response center for help in preparing alerts.

Like other federal offices that handle cybersecurity, US-CERT’s effectiveness rests on breaking down bureaucratic barriers so that it can act more quickly on threats, which can spread like wildfire.

US-CERT Director Ann Barron-DiCamillo said in a recent interview that industry is always interested in getting information more quickly and with greater context. Therefore, her team is working with intelligence agencies to strip relevant data from classified reports, she added.

Top-secret intelligence reports on cyberthreats contain technical data that is not classified, and separating that information “has been a huge focus, and it’s really helping with the timeliness as well as richer content associated with what we’re sharing,” she said.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • People
    Dr. Ronny Jackson briefs the press on President Trump

    Uncertainty at VA after nominee withdraws

    With White House physician Adm. Ronny Jackson's withdrawal, VA watchers are wondering what's next for the agency and its planned $16 billion health IT modernization project.

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.