With worldwide Black Hats indulging themselves during the July 4 weekend in a "first-ever" web site "Defacers Challenge," the ongoing rollout of the new Cyber Warning Information Network appears more than just timely.

The private IP, non-classified C-WIN alert and analysis system is one of the first post-9/11 systems constructed that perceives the Internet as a potential "soft target" for cyber terrorists and other online evildoers.

C-WIN has been shipped to about 250 sites in the U.S. and abroad, according to Mary Ann Elliott, CEO of Arrowhead Global Solutions, Inc., the company that engineered the system. Recently, a White House official said that as many as 50 sites are now running C-WIN in defense of threats to the Internet such as the recent "Challenge," a hacker-staged event in which points and prizes were offered to anyone who successfully assaulted legitimate web sites on July 6.

In May, Elliott said C-WIN was already up and running in the FBI, DISA, most Homeland Security agencies, and in Canada too. Managed by the National Communications System (NCS), C-WIN is a platform for notification and analysis of such threats, not a firewall itself.

C-WIN bypasses both the public service telephone network and the Internet in favor of a dedicated alert network that relies on the growing post-9/11 trend to use what might be called a "client/server-plus" approach to system design. Elliott said engineers steered around all the points of failure in IT and communications platforms on September 11, 2001, as they built C-WIN.

Relying on an AT&T network backbone, Dell servers, an Avaya VoIP phone system, and other components, Arrowhead engineered Multiple Protocol Label Switching (MPLS) into C-WIN's backbone.

"The MPLS network has the intelligence to distinguish between the different types and levels of services-and to prioritize them," Elliott said. "This insures that voice, data, video and other applications can all work at high quality over a single network."

With C-WIN, PC upgrade and maintenance issues are about nil, she said. "There's no desktop configuration because all software and apps run on the server," Elliott told this year's AFCEA TechNet conference. "There are no rogue or unlicensed software problems. Even if the thin client is stolen, it's just petty paperwork. There's no data in the thin client. It's all back in the server."

Low cost, low maintenance, and ease of use and management are big issues if C-WIN is to be adopted beyond a limited community of government cybersecurity specialists. Former White House cyber-security leader Richard A. Clarke envisioned the system would be employed broadly across critical infrastructure industries like transportation, power, banking and others, so that the U.S. and allies would have a single platform for sharing information and broadcasting alerts about threats to the Internet and critical systems.

But some in the private sector have questioned whether government anti-hacker systems will eventually be sieves for their own sensitive business data-which they fear could become subject to special interest- and third party lawsuits, or to FOIA requests, if released into public sector-owned systems.

The flip side of the issue also remains provocative. The extent to which organizations voluntarily adopt systems like C-WIN could guide the debate as to whether the Internet broadly, and/or critical infrastructure IT shops specifically, will attract more regulatory legislation.

Photo: Courtesy U.S. Air Force