By
The Associated Press
WASHINGTON - Some of the biggest names in cyberspace - IBM, Cisco, Microsoft, and Oracle - are teaming up with the government to create a private-public dragnet to catch hackers before they cause costly damage to Internet sites.
The not-for-profit partnership, announced yesterday and including 19 top high-tech firms, will coordinate to share information among each other and with the government and respond to computer threats.
Called the Information Sharing and Analysis Center for Information Technology, or IT-ISAC, the group will force top companies that are usually fiercely competitive to work together.
"This initiative is done regardless of party or corporate logo," Howard Schmidt, chief security officer at Microsoft Corp., said at the kickoff event.
With constant reports of security breaches where credit card numbers and computer software source codes are stolen by thieves, extortionists, or just bored teen-agers, the executives said they were forced to take a more active role. They will also share information with government computer cops.
"We are sending a strong signal to would-be attackers that we are not going to let you get away with cyberterrorism," said Commerce Secretary Norman Mineta, who will be transportation secretary in the Bush administration. "We stand united."
Mineta said that as a former executive at Lockheed-Martin, he knows how protective a company can be about its information.
"The last thing that a corporate executive wants to do is share information about his own company with the competition," he said, calling the founding companies "courageous" for doing so.
To work together, the companies said they may eventually need some antitrust exemptions and would benefit from a bill in Congress that would exempt any data they shared with the government from freedom-of-information requests.
The executives said they had seen computer attacks increase threefold since the February 2000 incidents that choked top Web companies like the Yahoo! search engine and auction leader eBay.
If such a thing happened today, they said, the companies could react more quickly.
"They'd work together to see where they could best stem the attacks," said Allan Schoenberg, spokesman for Internet Security Systems in Atlanta, which will provide a public Web site and analysis for the group.
But most of the work will be done before an attack occurs, the executives said, likening the group to a "virtual research university with an emergency room attached to it."
The IT-ISAC group will join the two other computer response teams funded with taxpayer money, both founded in the late 1980s. The Computer Incident Advisory Capability, run by the Energy Department, and CERT, run by Carnegie Mellon University and funded by the government.
CERT was founded in 1988 after a Cornell graduate student released a computer program that took down much of the fledgling Internet.
The executives stressed that not only large corporations will benefit from yesterday's announcement, but that thousands of tiny Internet storefronts use the same software - which has the same security holes - and serve the same customers.
"Every one of us either has been or will be attacked in cyberspace," said Mary Ann Davidson of database giant Oracle. "A threat against one is truly a threat against all."
