Cyber Alert system catches on

National Cyber Alert System

A day after Homeland Security Department officials announced the launch of a national warning system for cyberthreats, the sign-up site has received more than one million hits. Coinciding with the threat of a fast-spreading and mutating virus, the National Cyber Security Alert System has captured public attention, DHS officials said.

An agency spokesman, Donald Tighe, said he could not report how many people had signed up for the alerts and cybersecurity tips since DHS first publicized the system on the morning of Jan. 28. "I can confirm that the day before the announcement, we had just over 9,000 hits to the www.us-cert.gov Web page, and yesterday we had over one million," he said.

An alert that went out this morning warned of a new variant of the MyDoom virus, dubbed MyDoom.B. News reports have referred to MyDoom as a mass-mailing computer worm.

DHS officials were unavailable to provide information on how federal agencies are dealing with the spread of MyDoom and its new variant. At the Internal Revenue Service, however, Michelle Lamishaw, a spokeswoman for the agency, said the virus has not infected the IRS. "They are taking the appropriate steps to protect against the virus and will continue monitoring it," she said. Computers become infected when users open mail attachments containing the virus.

This morning's national cyberalert warned that attackers are now working on tools to hijack computers that have been infected with the MyDoom virus. Once computers have been hijacked, attackers can install other harmful software code on them.

The National Science Foundation reported that it has been blocking all messages and attachments containing MyDoom at the agency's Microsoft Exchange mail server. Robert O'Bryan, deputy director for information systems at NSF, said that shortly after the MyDoom virus and its first variant were detected, NSF received updated virus signature files from McAfee, the antivirus software vendor. O'Bryan said the signature updates have provided another layer of protection for employees' desktop PCs.

According to DHS' alert, security experts who have investigated the virus code say that MyDoom.B is programmed to launch a denial-of-service attack next week against the Microsoft Corp.'s Web site, www.microsoft.com. A previous version of the virus, MyDoom.A, is programmed to attack the Web site of the SCO Group, a Unix software company.

Separate reports from the British company mi2g Ltd. describe MyDoom as a highly sophisticated new class of "distributed intelligent malware agents," which have been the subject of military research for a number of years.