As eWEEK corporate partner and defense advanced research projects Agency CIO Dave Thompson pointed out during
a recent roundtable discussion, "There is no early warning system on the Internet.
"It will take nothing short of a community effort to secure the Internet," Thompson said. "Attacks
of all kinds, including the high-profile distributed denial-of-service attacks and the ILoveYou virus, can be avoided
or minimized but only if businesses take a community approach to network defense."
Simple steps such as ingress filtering, which is easily enabled at the router and has little effect on normal network
traffic, can save companies time and trouble down the road, but companies must also take the time to worry about
protecting other sites. Sharing a little information could go a long way toward neutralizing future attacks. The
recent ILoveYou virus highlighted the reluctance of companies to share information on security problems with other
businesses. If the companies that were hit first had sent out notices on the virus, other IT departments could
have prepared to prevent onslaughts.
Although sites such as CERT do provide early warnings on security threats, many IT administrators don't watch it
daily, and it's often difficult to determine the severity of new threats listed every day. However, seeing warnings
from fellow administrators would be something that many would take seriously.
Thompson said, "Now we've got to let everybody know that when people are out there with guns, you've got to
carry one, too."
