As eWEEK corporate partner and defense advanced research projects Agency CIO Dave Thompson pointed out during
a recent roundtable discussion, "There is no early warning system on the Internet.
"It will take nothing short of a community effort to secure the Internet," Thompson said. "Attacks of all kinds, including the high-profile distributed denial-of-service attacks and the ILoveYou virus, can be avoided or minimized but only if businesses take a community approach to network defense."
Simple steps such as ingress filtering, which is easily enabled at the router and has little effect on normal network traffic, can save companies time and trouble down the road, but companies must also take the time to worry about protecting other sites. Sharing a little information could go a long way toward neutralizing future attacks. The recent ILoveYou virus highlighted the reluctance of companies to share information on security problems with other businesses. If the companies that were hit first had sent out notices on the virus, other IT departments could have prepared to prevent onslaughts.
Although sites such as CERT do provide early warnings on security threats, many IT administrators don't watch it daily, and it's often difficult to determine the severity of new threats listed every day. However, seeing warnings from fellow administrators would be something that many would take seriously.
Thompson said, "Now we've got to let everybody know that when people are out there with guns, you've got to carry one, too."