A CERT for Europe

Pages189-191
Date01 February 1993
DOIhttps://doi.org/10.1108/eb025620
Published date01 February 1993
AuthorPaul Collier
Subject MatterAccounting & finance
A CERT for Europe
Paul Collier
P. A. Collier
is Senior Lecturer in Accountancy at the
Woolwich Centre for Computer Crime
Research,
University of Exeter.
ABSTRACT
With our growing reliance on inter-
connected computers and networks, viruses
and other forms of computer abuse are
becoming an increasing problem. Computer
Emergency Response Teams (CERTs)
have been set up in the USA to respond to
the problem, and an organisation called
'FIRST has been formed by the various
CERTs to act as their mouthpiece.
This paper discusses both the preventa-
tive and response roles of CERTs and then
looks at what is being done to establish
such a system in Europe.
INTRODUCTION
When a computer abuse such as a virus,
worm or trojan horse occurs, the major
problems for site managers often extend
beyond the technical issues to include
communication and coordination diffi-
culties between affected sites. Such chal-
lenges can be tackled successfully if
access is available to an informally
organised group of experts who can faci-
litate the community response to com-
puter security events.
A US MODEL
In the USA, the Internet community1
developed the concept of 'The Compu-
ter Emergency Response Team' (CERT)
following the Internet worm incident in
November 1988. The Defense Advanced
Research Projects Agency (DARPA)
established the CERT Coordination
Center (CERT/CC) at the Software
Engineering Institute (SEI) to improve
communication during emergencies.
The SEI was chosen as the home for the
CERT/CC because it is uniquely posi-
tioned for the government, industry, and
academic sites that are part of the Inter-
net community. Remarking on the crisis
that led to its creation, CERT/CC co-
ordinator Rich Pethia said 'Events such
as the Internet worm of November 1988
are unusual, but they serve as a warning
that our increasing reliance on inter-
connected computers and networks
creates new vulnerabilities'. CERT has
been sufficiently successful to encourage
other organisations in the USA to follow
the model. The various CERTs have
combined to form an organisation called
'FIRST' which acts as a mouthpiece for
CERTs and also as a clearing house for
information.
CERT has both prevention and
response roles. The response efforts are
most widely visible but the prevention
efforts have the greatest long-term
189

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT