NEWS AT SEI

In September 2003, the U.S. Department of Homeland Security announced the creation of the US-CERT, a joint effort between the Department of Homeland Security’s National Cyber Security Division (NCSD), the CERT Coordination Center (CERT/CC), and the private sector to improve the nation’s cyber security capability. US-CERT will build on CERT/CC capabilities to help prevent cyber attacks, protect systems, and respond to the effects of cyber attacks across the Internet.

Goals

US-CERT’s mission includes

• identifying, analyzing, and reducing threats and vulnerabilities
• disseminating threat warning information
• coordinating incident response
• providing technical assistance in continuity of operations and recovery
• serving as a national focal point for the public and private sector regarding cyber security issues

The goal of US-CERT is to reduce the frequency and severity of cyber attacks by building collaborative partnerships among organizations that participate in cyber watch, warning, and response functions. The organizations include computer security incident response teams, information sharing and analysis centers, managed security service providers, information technology vendors, and security product and service providers. The partnerships will strengthen national and international efforts, with each organization offering its own unique resources and expertise. Jeffrey Carpenter, manager of the CERT/CC, notes, “Today, most of the interaction between organizations is informal. But organizations are coming to realize that they have to work together on Internet security. We’re much more powerful together than individually.”

Products

As a national resource, US-CERT must serve a diverse audience that includes technically sophisticated users, inexperienced users, executives, and policymakers. This challenge extends to the products that US-CERT is offering. The CERT/CC and NCSD have jointly developed a new National Cyber Alert System, a series of information products targeted at home and non-technical corporate users and technical experts in businesses and government agencies. There are four products available.

• Technical Cyber Security Alerts
  These technical alerts, written primarily for system administrators, provide timely information about current security issues, vulnerabilities, and exploits, including potential impact and action required to mitigate threats.
  
• Cyber Security Bulletins
  A resource for technical users, these bulletins summarize security issues and new vulnerabilities and include information about patches and workarounds.
  
• Cyber Security Alerts
  Similar to Technical Cyber Security Alerts, these alerts also provide timely information about current security issues, vulnerabilities, and exploits, but they are written with language and advice suited to non-technical users. Cyber Security Alerts are published when there is an issue that affects the general public.
  
• Cyber Security Tips
  A resource for non-technical home and corporate computer users, Cyber Security Tips describe and offer advice about common security issues. They are published bi-weekly.

These products are available on the US-CERT Web site, where there are also instructions for how to subscribe to National Cyber Alert System mailing lists.

CERT/CC Celebrates 15 Years

In November 2003, the CERT Coordination Center celebrated its 15 year anniversary. Established by the Defense Advance Research Projects Agency (DARPA) in 1988, the CERT/CC had multiple functions:

• responding to computer security threats
• helping other organizations respond to emergency situations
• serving as a focal point for identifying and fixing security vulnerabilities
• assessing the security of systems
• increasing user awareness about security

Over the years, as the work of the CERT/CC has evolved with society’s increased reliance on technology, the organization has remained committed to its efforts to secure networked systems. The CERT/CC has helped foster the creation and operation of many other response organizations around the world and has established strong relationships with vendors, government agencies, and security experts. Staff members actively participate in a variety of organizations committed to security and survivability and are regularly asked to testify before Congress.

At the anniversary celebration, Rich Pethia, the director of the CERT/CC, looked to the future: “While there is much work yet to be done, I am confident that the professionals in this global watch and warning network will continue to find increasingly effective ways to deal with the new challenges we are sure to face.”