How US-CERT gets the word out

When a major vulnerability hits the Web, it is the U.S. Computer Emergency Readiness Team’s job to sound the alarm as quickly and effectively as possible. And given Heartbleed, Shellshock and other menacing revelations, US-CERT has had plenty of clamoring to do.

Users can subscribe to four separate US-CERT mailing lists, with “alerts” being the most urgent. Those alerts often include descriptions that are not overly technical so that a non-geek can understand them and take remedial security steps.

For instance, the alert for Heartbleed, the OpenSSL flaw discovered in April 2014, states: “This flaw allows a remote attacker to retrieve private memory of an application that uses the vulnerable OpenSSL library in chunks of 64K at a time.”

Users can rate the helpfulness of the alert as “yes,” “no” or “somewhat” at the bottom of each update. That feedback is presumably factored into how future alerts are crafted.

Although US-CERT is one of the main disseminators of threat information, it does not work alone. As part of the Department of Homeland Security’s National Cybersecurity and Communications Integration Center, the team has tapped the FBI, the Financial Services Information Sharing and Analysis Center, trusted private firms and a Canadian cyber response center for help in preparing alerts.

Like other federal offices that handle cybersecurity, US-CERT’s effectiveness rests on breaking down bureaucratic barriers so that it can act more quickly on threats, which can spread like wildfire.

US-CERT Director Ann Barron-DiCamillo said in a recent interview that industry is always interested in getting information more quickly and with greater context. Therefore, her team is working with intelligence agencies to surface relevant data from classified reports, she added.

Top-secret intelligence reports on cyber threats contain technical data that is not classified. Separating that information “has been a huge focus, and it’s really helping with the timeliness as well as richer content associated with what we’re sharing,” she said.

This article originally appeared in FCW, a sister brand to GCN.

About the Author

Sean Lyngaas is a former FCW staff writer.
