|CERT® Coordination Center|
Day and night, a group of cyber-crimefighters in Pittsburgh spend their time attacking bugs, worms and viruses - those creepy crawlies that can disable computer systems, including the systems which comprise the Internet. This group, known as the CERT® Coordination Center, is an organization largely responsible for warning others on the Internet about computer-security threats, and is located at the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. CERT/CC was established by the Defense Advanced Research Projects Agency (DARPA) in November 1988, after a Cornell University graduate student released the "Morris Worm," which brought down much of the Internet and demonstrated its vulnerability to attack. Members of CERT provide technical assistance and coordinate responses during security emergencies, work with other security experts to identify trends and solutions to security problems, to disseminate information to the Internet community and to help prevent future incidents. The CERT/CC also analyzes product vulnerabilities, publishes technical documents and presents training courses.
While it has come to symbolize security on the Web, CERT is itself still vulnerable. On May 22, 2001, unknown attackers inundated the CERT/CC computer systems with data, cutting off the public's access to the organization. While access to the organization's Web site was still sporadic early on Wednesday, the attack didn't knock CERT out completely. "None of our data has been compromised by this attack, and we are still in business," said Ian Finlay, CERT's Internet security analyst. "We have alternate means to issue an advisory if it becomes necessary."
This particular type of attack, known as a denial-of-service attack, attempts to overload or crash computers connected to the Internet so that people can't access them. It doesn't involve a break-in at the target site; it just keeps the target machine so busy responding to a stream of automated requests that legitimate visitors cannot get in. It is just one of many types of attacks which take place on the Internet every day. The important lesson to be learned is that everyone is vulnerable, yet because of organizations like CERT we are all much safer. Back in 1988 CERT had three people on staff and dealt with six incidents. Today more than 50 people work for CERT, and in the first quarter of 2001 they responded to 7,047 incidents.
CERT is also not alone in defending the security of the Internet. Since its inception, more than 90 other computer emergency response teams have been formed around the world. The majority of these organizations are members of FIRST, the Forum of Incident Response and Security Teams, which was formed in 1990 to aid in communication and coordination among teams with differences in language, timezone and international standards or conventions.
In 2000, CERT/CC was named "Best Security Idea or Practice" by Secure Computing Magazine, and described as "a beacon to the rest of the information security world." It's nice to know that we have such wonderful group of cyber-watchdogs in our own backyard!