By Rutrell Yasin
Feb. 7, 2007
San Francisco -- The Defense Department is on the verge of signing an
agreement to share incident information with the North Atlantic Treaty
Organizations Computer Emergency Response Team (CERT), said Mark Hall,
director, DOD International Information Assurance Program and co-chair
of the National Cyber Response Coordination Group (NCRCG).
The agreement will involve the sharing of incident and threat
information, Hall said today. There are 26 NATO countries and the
organizations CERT center is connected to all of those nations networks,
he also said.
Its a lot easier for me to work with NATO than 26 countries bilaterally,
Hall said. He participated in a panel at the RSA security conference
here that focused on Protecting U.S. Cyberspace: Coordinating National
Response to Cyber Attacks.
The NCRCG is the federal governments incident response coordinator. The
group guides federal agencies and works with the private sector, state
governments and other nations to defend U.S. cyberspace. Other members
of the panel included Mike Witt, deputy director of U.S. CERT;
Christopher Painter, principal deputy chief, U.S. Department of Justice;
and Jerry Dixon, director of the National Cyber Security Division.
During a question-and-answer session, Witt gave an update on the role
U.S. CERT played in assessing the effect of the Feb. 6 cyberattack on
three Domain Name System root servers, the Internets backbone. U.S. CERT
worked with owners of critical infrastructure and other Internet
organization to minimize the attack, Witt said.
Hackers appeared to have launched botnets of zombie PCs against three
root servers. The servers attacked included the G, which host .mil web
sites, the L and M. The DNS servers were able to withstand the attack.
There was no impact on server operations and no Internet users were
affected, Witt said.
Subscribe to the InfoSec News RSS Feed