New center to monitor attacks on private networks
- By Alice Lipowicz
- Apr 22, 2005
A new cybersecurity operations center at the University of Pennsylvania in Philadelphia has been set up to continuously monitor and report cyberattacks against privately owned computer networks related to critical infrastructure.
The non-profit Cyber Incident Detection Data Analysis Center, or Ciddac, will use monitoring devices to automatically detect cyberattacks. To address privacy concerns about the information it gathers, the center will scrub the data before it is released to law enforcement agencies, the government and other Ciddac members.
Participation is voluntary and is being offered to private operators of banking, water, power, transportation and other critical infrastructure.
"The Ciddac method of gathering cyberthreat data is done in such a way that the private sector can both report and benefit from such data without worrying about the government accessing their internal network," said Charles "Buck" Fleming, executive director of Ciddac. "The rapid sharing of such crucial information will allow U.S. companies and the nation as a whole to operate more securely and smoothly."
The service, which is expected to be operating by October, uses Real-time Cyber Attack Detection Sensors linked to participants' networks that, while capturing attack information, are isolated from production traffic. "Therefore, no production data is ever at risk of being disclosed," a Ciddac press release said.
The sensors also are linked to the data analysis center, which will alert law enforcement, including FBI if appropriate, and other member organizations, once a threat is detected. The law enforcement agencies compile attack signatures used to quickly investigate and neutralize cyberthreats. The identity of the reporting company remains confidential.
The new center is associated with the university's Institute of Strategic Threat Analysis and Response, and has received funding as a pilot project from the Department of Homeland Security's Science & Technology Directorate. The amount of funding was not immediately available.
"Rapid information sharing is vital to combating cyber criminals," John Eckenrode, special agent in charge from FBI's Philadelphia division, said in a statement released by Ciddac. "A victim of a cyberattack must be able to collect and analyze a large amount of data in a short period of time to identify the attacker. The private sector must take the lead in identifying significant cyberthreats and be willing to share that information with other businesses and law enforcement if we ever want to effectively reduce the threat of cyberattacks."
Members pay $10,000 annually to receive one sensor device for network deployment, a year of continuous 24-hour monitoring, direct access to the operations center, alert services, and trend analysis reports.
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.