Two days after MyDoom hit the Net running and tied up large volumes of e-mail traffic, the U.S. Department of Homeland Security has rolled out an alert system to warn computer users about viruses, worms, and other cyberthreats, plus general tips on better securing their computers.
"The intent," Homeland Security cybersecurity division director Amit Yoran told Reuters, "is for this information to be made available to the public to receive the widest and most appropriate distribution."
Meant to augment such alerts as handed up by private antivirus and computer security companies like Symantec, Network Associates, and Sophos, the Homeland Security system will not offer color-coded threat levels, as the department does for potential terrorist attacks. And such companies will work with Homeland Security on getting the virus alerts the widest possible dissemination.
Computer users can sign up for the alert system at the department's Computer Emergency Readiness Team's Website.
"The development and initial operating capability of the National Cyber Alert System elevates awareness and helps improve America's IT security posture," Yoran said in an official statement. "We are focused on making the threats and recommended actions easier for all computer users to understand, prioritize, and act upon. We recognize the importance and urgency of our mission and are taking action."
"The President's National Strategy to Secure Cyberspace provides a framework for the public and private sectors to work together to secure cyberspace," Homeland Security undersecretary for information analysis and infrastructure protection Frank Libutti said in his own remarks. "The National Cyber Security Division's mission is to serve as a focal point for implementing the National Strategy and protecting the American people."
On day three of MyDoom's trip around cyberspace, various reports have indicated the worm has accounted for a whopping one in nine e-mail messages almost since it first began moving seriously on Jan. 26. And SCO Group, the intended target of the worm's pre-programmed Feb. 1-12 attacks, has offered a $250,000 bounty for information that gets MyDoom's creator(s) arrested and convicted.
Security alert information sharing between private antivirus and computer security interests and the government is long enough overdue, according to @Stake research and development director Chris Wysopal. "We do it in all other spheres ? the weather, earthquakes, etc.," he told Wired. "It's good for the government to take this role."
But he cautioned that one problem with such alerts is that not everyone would recognize how important it is to sign up for them. "There has to be some education that if you're a home user you are basically responsible for managing your own security," he told Wired.
