The government gets proactive about cyber-threats

The MyDoom virus and its ability to overload and crash SCO’s Web site proves that cyber-terrorism is real.  What’s worse, SCO KNEW the attack was going to happen, and the company still couldn’t prevent it.  This episode shows that any tech-savvy fanatic that disagrees with an organization’s policies or politics can severely hamper the organization’s ability to conduct business via the Internet. 

What if the target of the next cyber attack is the networks that run the nation’s power grids?  Or how about a major banking system?  What if some cyber nut uses a virus or other means to attack numerous strategic businesses or governmental agencies at once?  Our nation’s way of doing business has become very dependent on this network of computers that is only as secure as its weakest links.

That’s why the National Cyber Security Division (NCSD) within the Department of Homeland Security has launched the new National Cyber Alert System.  Managed by US-CERT, the alert system is America’s first cohesive national cyber-security system for identifying, analyzing, and prioritizing emerging vulnerabilities and threats. 

US-CERT is a partnership between NCSD and the private sector, and it was established to protect our nation’s Internet infrastructure through global coordination of defense against and response to cyber incidents and attacks across the nation.  Through the new alert system, US-CERT will send cyber-security alerts, bulletins and tips to subscribers. 

Such information comes in two “flavors” – technical and non-technical.  Technical alerts and tips are intended for experienced users and information technology professionals such as network administrators.  Examples of technical alerts can be viewed at https://www.us-cert.gov/cas/techalerts/index.html.  The alerts provide you with a summary of the vulnerabilities as well as recommended actions and links to additional resources.

Non-technical information is intended for non-IT business professionals and home users of computer systems.  Examples of such alerts can be found at https://www.us-cert.gov/cas/alerts/index.html.  Having looked at these alerts, I’d say that the reader still would have to be pretty tech-savvy to comprehend the meaning and recommended actions. 

To sign up for your preferred version of the alerts and bulletins (or for all of them), go to https://www.us-cert.gov/cas/index.html. 

While you’re on the US-CERT Web site (http://www.us-cert.gov) to register for the alerts, take time to peruse other areas of the site for more useful information.  In the reading room under “Resources,” you’ll find good basic information about security that could be used as a primer for your end users.  For example, there’s information on securing your home computer, which is critical for people who connect to the office network from home, even if it is only occasionally.

These days, computer security is everyone’s concern.  To provide effective security, you’ve got to be proactive.  Alerts coming from a trusted source like the Department of Homeland Security are one more way to ensure your network or company Web site doesn’t experience the fate of SCO’s domain this past Feb. 1.

Linda Musthaler is vice president of Currid & Company.  You can write to her at mailto:Linda.Musthaler@currid.com