San Francisco -- The Defense Department is on the verge of signing an agreement to share incident information with the North Atlantic Treaty Organization’s Computer Emergency Response Team (CERT), said Mark Hall, director, DOD International Information Assurance Program and co-chair of the National Cyber Response Coordination Group (NCRCG).
The agreement will involve the sharing of incident and threat information, Hall said today. There are 26 NATO countries and the organization’s CERT center is connected to all of those nations’ networks, he also said.
“It’s a lot easier for me to work with NATO than 26 countries bilaterally,” Hall said. He participated in a panel at the RSA security conference here that focused on “Protecting U.S. Cyberspace: Coordinating National Response to Cyber Attacks.”
The NCRCG is the federal government’s incident response coordinator. The group guides federal agencies and works with the private sector, state governments and other nations to defend U.S. cyberspace. Other members of the panel included Mike Witt, deputy director of U.S. CERT; Christopher Painter, principal deputy chief, U.S. Department of Justice; and Jerry Dixon, director of the National Cyber Security Division.
During a question-and-answer session, Witt gave an update on the role U.S. CERT played in assessing the effect of the Feb. 6 cyberattack on three Domain Name System root servers, the Internet’s backbone. U.S. CERT worked with owners of critical infrastructure and other Internet organization to minimize the attack, Witt said.
Hackers appeared to have launched botnets of zombie PCs against three root servers. The servers attacked included the G, which host .mil web sites, the L and M. The DNS servers were able to withstand the attack. There was no impact on server operations and no Internet users were affected, Witt said.
Digg
De.licio.us
Slashdot
Technorati
