Results 1 to 2 of 2

Thread: Federal e-mail cyber-alert system unveiled

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323

    Federal e-mail cyber-alert system unveiled

    From CNN

    WASHINGTON (CNN) -- Homeland Security officials unveiled on Wednesday a new cyber-alert system to help protect the nation from attacks on computer-based networks and to prevent any attacks elsewhere from affecting cyberspace.

    The National Cyber Alert System, described in a telephone briefing, will include alerts and bulletins distributed by e-mail subscription and through a government Web site.

    The Web site also provides a means to report such threats discovered by computer users and other information technology experts.

    "We are moving to a more proactive stance," said Amit Yoran, director of the National Cyber Security Division of the U.S. Department of Homeland Security. The system, he said, will be "providing periodic pieces of information to better secure systems and address known vulnerabilities before they fall victim to various types of cyber attack."
    <snip>

    Criteria for such a warning include the visibility of the threat, how actively it is being exploited, the risk to national security, and the risk it presents to other critical infrastructure.

    The cyber-alert system will not include color-coded levels of threat, as is done with the general threat level posted by the Department of Homeland Security. Yoran said the possibility of attack on cyberspace is considered one of the factors that go into the overall assessment of the nation's security.

    The Web site where people can sign up for the cyber alerts is www.us-cert.gov.
    Oh yay. More email. Seriously though. Why not work with CERT on this kind of stuff? Why recreate the wheel?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    I believe they already are...

    http://www.us-cert.gov/

    and... from an email.

    Dear Friends,

    As many of you are aware, a few months ago the CERT Coordination Center
    (CERT/CC) announced a new partnership with the Department of Homeland Security's National Cyber Security Division (NCSD) to form a response system for our nation and the Internet infrastructure. While this new partnership, known as US-CERT, has been low key, we have been working aggressively to upgrade our capabilities.

    We are pleased to announce significant changes to CERT Advisories that will not only maintain the accuracy and fairness that are the hallmarks of CERT Advisories, but will also provide more information about more topics than before. Beginning January 28, 2004, CERT Advisories will become a core component of US-CERT's Technical Cyber Security Alerts. Significant changes behind the scenes will allow us to provide additional content, in a more timely fashion, to a larger audience.

    US-CERT alerts will include not only the content historically produced by CERT/CC staff, but will also integrate additional content contributed by other organizations from both the public and private sectors. We will maintain the same high quality control standards, edit content for security and privacy, and work to ensure technical accuracy as well as timeliness.

    In addition, US-CERT is pleased to announce the availability of three new
    products:

    1. For non-technical professionals, small office and home office users,
    individuals, and others who prefer less technical descriptions of
    problems, we will be producing a non-technical version of Technical
    Cyber Security Alerts when appropriate. This version, known as a Cyber
    Security Alert, will allow us to provide more appropriate advice to
    both technical and non-technical readers.

    2. Also for non-technical professionals, small office and home office
    users, individuals and others, US-CERT is pleased to announce Cyber
    Security Tips. Tips will be produced every other week and will be short
    documents that provide background and education, for home users and
    others, that can help prevent problems from occurring in the first
    place.

    3. Finally, for technical professionals, we are pleased to announce Cyber
    Security Bulletins. Bulletins will be produced every other week and
    will summarize notable information from the past two weeks, including
    topics covered in Cyber Security Alerts and other sources.

    If you are a subscriber to this list, you will automatically receive the technical version of US-CERT alerts (the Technical Cyber Security Alert) through this list. No action is necessary on your part. If you are not a subscriber to the CERT Advisory mailing list and wish to receive these alerts, you must subscribe to the new US-CERT mailing list.

    If you are interested in receiving any of the other three document types, you must subscribe to those mailing lists separately. Please visit http://www.us-cert.gov/cas/index.html for further information.

    We appreciate your continued support in securing the Internet and the worldwide information infrastructure. We have included a set of anticipated questions and their answers below.

    - ----------------------------
    Frequently Asked Questions about the convergence of CERT Advisories and US-CERT alerts

    Q: You mentioned "significant changes behind the scenes." What are you
    referring to?

    A: Some of these changes include new laboratory and testing facilities,
    enhanced communications networks, and access to additional technical
    expertise. Most importantly, the new changes include the formation of
    strong partnerships with US-CERT across industry and government to take
    advantage of the tremendous wealth of information and expertise that
    exist. The original descriptions of CERT/CC, laid out more than 15
    years ago, our operating history, and the National Strategy to Secure
    Cyberspace envisioned just such partnerships.

    Q: Why are you making these changes to CERT Advisories?

    A: We have taken great care to be accurate, fair, and honest about the
    security risks you face, and we feel a tremendous professional
    obligation to bring you the best, most trustworthy advice we can to
    help you protect your systems. We believe that these changes are
    necessary to ensure that we can provide you with the best information
    possible to protect your systems against the evolving threats we face.

    Q: Does this mean government is taking over the CERT/CC?

    A: No. The CERT/CC has always received the vast majority of its funding
    from the US Government, and US-CERT alerts will continue to be produced
    using the same philosophies as we have in the past, but with more
    timely content from more sources and for more topics.

    Q: Who will have access to the mailing lists?

    A: The CERT Advisory mailing list will remain in the exclusive possession
    of Carnegie Mellon University, where the CERT/CC is located, and will
    not be disclosed to others. The new US-CERT mailing list will be
    similarly managed with strict security controls in place and will not
    be used for any purpose other than sending alerts and other messages,
    and list maintenance.

    Q: Why are you continuing to operate both lists?

    A: We are operating both lists for a period of time to preserve the
    privacy expectations of the subscribers to the CERT Advisory mailing
    list and to allow network administrators sufficient time to make
    appropriate adjustments to filters and redistribution engines.

    Q: What content will be sent to the lists?

    A: Each list will receive identical content through March 2004. During
    this time, subscribers to the CERT Advisory mailing list will receive
    US-CERT Technical Cyber Security Alerts from
    cert-advisory@cert.org. After that, these mailings will be received
    from us-cert.gov.

    Q: What will happen to the CERT Advisory mailing list?

    A: No new subscriptions will be accepted after January 28, 2004, and the
    list will eventually be discontinued. We will run both lists for a
    period of time, but operating both lists over the long term creates
    confusion and management complexity. Subscribers to the CERT Advisory
    mailing list will be advised well in advance of the termination date
    for that list.

    Q: How will US-CERT alerts be signed?

    A: They will be signed with the US-CERT key, available online at
    http://www.us-cert.gov/pgp/encryptmail.html.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •