DHS, CERT Work on Cyberalert System

Sometimes the sky is falling. But now there’s a way to hear about it in time to dodge the debris.

The Department of Homeland Security has teamed up with the U.S. Computer Emergency Readiness Team (US-CERT) to form a cybersecurity alert system. The system sends e-mails with information about cyberattacks.

A massive e-mail list of those in charge of securing systems and thousands of e-mails that contain critical information to keep those networks safe might make some people nervous. But officials in charge of the system say that there is a vital need for this alert.

The National Cyber Alert System is generated by the Software Engineering Institute’s CERT Coordination Center. US-CERT works closely with DHS, in particular its National Cyber Security Division.

The system includes two types of alerts: technical, geared to corporate users, and nontechnical, for home users, says Larry Hale, deputy director of US-CERT. Technical alerts offer categories of information, what systems are affected, a brief description of the breach, expected impact from the attack and suggested reference materials.

More important, the alerts offer solutions, whether through a recommended patch, suggestions on components to disable or antivirus solutions.

“We’re not just going to say the sky is falling. We want to give solutions,” says Hale. These answers come from a range of vulnerability and malicious code analysts who work either with CERT or with its spectrum of partners, which include DHS and private-sector experts.

When CERT detects a serious vulnerability, an e-mail alert is sent out to a list of subscribers. Less dangerous vulnerabilities are posted on CERT’s website and are included in a biweekly e-mail. Hale says CERT determines the risk level of vulnerabilities by examining their impact on critical infrastructures, how widespread the attack is and the impact level.

With a mass amount of e-mails attached to fountains of security information, one could argue this list is just asking to get hacked. Sen. Charles Schumer (D-N.Y.) has argued that what DHS and CERT have done is open another window to spread viruses. Schumer says another flaw in the alert system is that it does not mandate that private industry report viruses.

“What DHS did was essentially challenge computer hackers all over the world to put a virus into an e-mail that mimics the DHS e-mail warnings,” Schumer said in a statement.

Hale says CERT has instilled some security checks in its alerts. Users should look for a digital signature from CERT on each e-mail and always open e-mail on a secure network.

To sign up for the National Cyber Security Alert System, go to www.cert.org. All information from the alerts will also be posted on CERT’s website.