NIPC Asks for Help on Cyber Alerts
Security expert Ryan Russell told NewsFactor that the NIPC is known for trailing other cyber security groups, such as CERT, in putting out alerts and warnings.Source: www.newsfactor.com
The National Infrastructure Protection Center (NIPC), the government's main cyber protection agency, is seeking outside help with tracking Internet threats and incidents and generating alerts.
The agency, a division of the Federal Bureau of Investigation, said it is seeking contractor support for its Analysis and Warning Section, which releases computer security alerts to the public.
Security experts said that because the NIPC tends to be late on warnings and provides minimal detail in its advisories, the agency could use the help. However, experts also pointed out that the agency has an advantage in terms of access to incident information because of its law enforcement nature.
Cyber Sleuths Wanted
FBI spokesperson Debra Weierman told NewsFactor that the NIPC, which employed 180 people as of May, is seeking computer scientists, network engineers and experts on the nation's infrastructure , including the Internet, power and water.
"We are asking for new [people] in order to gain additional expertise and help from outside people who have the knowledge we need," Weierman said, noting that the NIPC wants to gain support in its analysis of threats, historical incident data and distribution of alerts to partners and the general public. She could not say how many contractors are being sought.
Security expert Ryan Russell told NewsFactor that the NIPC is known for trailing other cyber security groups, such as the Computer Emergency Response Team (CERT), in putting out alerts and warnings. In addition, he noted, other public organizations and private companies are better at disclosing technical details of software and other vulnerabilities.
"[The NIPC warnings] tend to be a bit late and not contain a lot of detail," Russell said. "I think there's a lot of room for improvement."
However, Russell noted, in some cases the NIPC is the first or only organization to disclose incident data because it is the only group privy to law enforcement information.
"That's the kind of stuff I'd like to see more of," he said. "I think it would be more useful for them to publish information about incidents. That's where they should focus."
Russell added that the NIPC is in a better position to focus on and publish statistical and historical incident data, rather than trying to keep up with vulnerability reporting that is already performed by other agencies and companies.
Avoidance Through Alert?
The call for support comes just a week after the agency warned of widespread hacker attacks. The fact that no significant Internet assault materialized had many calling the alert a false alarm. However, Weierman defended the warning, which came from the same NIPC section that is currently seeking outside support.
"It really wasn't a false alert," she said. "We had information that this could happen, and we're always pleased and grateful when we put out an alert and the awful things don't come to fruition. We're pleased we did this, and the result was it didn't happen."
Russell agreed, adding that the NIPC is known for being cautious and probably had reliable information and good reason to issue the warning.
"There's a possibility NIPC is actually preventing a problem by reporting it in time," Russell said. "If that's the case, the warning more than served its purpose."
Home | What's New | Articles | Links
Library | Staff | Contact Us
Copyright © Computer Crime Research Center, 2001-2002 All Rights Reserved.
Contact the CCRC Office at 380-612-735-907