DHS rolls out cyberalerts

Homeland Security Department officials today unveiled a National Cyber Alert System designed to protect computer users from viruses, worms and other Internet-borne attacks.

The federal alert system could reach many more citizens than are now receiving cybersecurity warnings through a variety of private, subscription-based services.

In its initial phase, DHS' system will deliver alerts via e-mail to anyone who signs up to receive them, department officials said. The free alerts will be electronically signed to give users confidence that they are legitimate and not "spoofed" like many messages distributed via the Internet.

Users can get their names on the e-mail distribution list beginning today.

The DHS announcement left some companies in the cyber security business wondering how their own cyber warning activities will mesh with what the department is offering.

Peter Allor, director of Internet Security Systems' X-Force Threat Intelligence Service, said he that is waiting for DHS to provide his company with more information about its plans. Allor said he was not concerned that a national system would compete with his company's own threat-analysis service, but he wants to know how the private-sector Information Sharing and Analysis Centers will coordinate their efforts with DHS. "That's still an open question," said Allor, who serves as director for the ISAC that focuses on information technology threats.

While many network and systems administrators already share information about cyber attacks often before they happen, "it's just as important for home users to be able to plug their vulnerabilities," said Greg Garcia, vice president for information security with the Information Technology Association of America, a group representing information technology companies.

Acknowledging that other venues for alerts exist, DHS officials said Symantec Corp., Network Associates Technology Inc.'s McAfee and other companies that now publish information about computer threats are working with the department on the alert system. By consolidating many sources of information into one high-level system, agency officials can provide a national perspective on cybersecurity, they said.

The national alert system is a good first step, Garcia said, because it means "we€re beginning to get traction on cyber security."

But Sen. Charles Schumer (D-N.Y.) criticized the DHS system as inadequate for the problem it is trying to solve, because it does not impose a mandatory threat-reporting requirement on software and security companies. Schumer also blasted the idea of using e-mail alerts.

"An e-mailed based system is a bad idea because hackers can easily duplicate or mimic a DHS mail warning," said Schumer, who called for the creation of a center comparable to the Centers for Disease Control, a command center and research facility for the nation€s cyber health.

Computer security will not improve until awareness is raised through a system that is easy for all computer users to understand, Amit Yoran, director of DHS' National Cyber Security Division, said this morning. The national system will provide alerts to two communities: technical users responsible for protecting critical infrastructure and end users.

In addition to technical bulletins that security administrators can sign up to receive, tips on preventing computer security problems will be sent to end users who go to DHS' Web site and click on the sign-up button. "The intent is for this information to be made available to the widest and most appropriate distribution," Yoran said.

The CERT Coordination Center at Carnegie Mellon University, one of the organizations working with DHS on the new alert system, will continue its advisory mail list, CERT officials said.