Cybercenter monitors data
- By Alice Lipowicz
- Apr 29, 2005
A new cybersecurity operations center at the University of Pennsylvania in Philadelphia has been set up to continuously monitor and report cyberattacks against computer networks related to critical infrastructure.
The nonprofit Cyber Incident Detection Data Analysis Center, or Ciddac, will use monitoring devices to automatically detect cyberattacks. To address privacy concerns about the information it gathers, the center will scrub the data before it is released to law enforcement agencies, the government and other Ciddac members.Private sector
Participation is voluntary and is being offered to private operators of banking, water, power, transportation and other critical infrastructure.
'The Ciddac method of gathering cyberthreat data is done in such a way that the private sector can both report and benefit from such data without worrying about the government accessing their internal network,' said Charles 'Buck' Fleming, executive director of Ciddac. 'The rapid sharing of such crucial information will allow U.S. companies and the nation as a whole to operate more securely and smoothly.'
The service, which is expected to be operating by October, uses Real-time Cyber Attack Detection Sensors linked to participants' networks that, while capturing attack information, are isolated from production traffic. 'Therefore, no production data is ever at risk of being disclosed,' a Ciddac press release said.
The sensors also are linked to the data analysis center, which will alert law enforcement, including FBI if appropriate, and other member organizations once a threat is detected. The law enforcement agencies compile attack signatures used to quickly investigate and neutralize cyberthreats. The identity of the reporting company remains confidential.
The new center is associated with the university's Institute of Strategic Threat Analysis and Response and has received funding as a pilot project from the Homeland Security Department's Science and Technology Directorate. The amount of funding was not immediately available.
Members pay $10,000 annually to receive one sensor device for network deployment, a year of continuous 24-hour monitoring, direct access to the operations center, alert services and trend analysis reports.
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.