Symantec Cries Wolf About ThreatCon 4: Imminent Global Internet Failure

from the aesop's-modern-fables dept

Symantec's DeepSight threat warning system sent out an erroneous "ThreatCon 4" warning on Friday caused by an errant product test. ThreatCon 4 is the highest level of warning that can be issued by the DeepSight system, and is supposed to indicate times where "extreme global network incident activity is in progress." The level 4 warning has never been issued; the last time level 3 was reached was back in 2004. Symantec issued a retraction of the false alarm approximately an hour after it was issued, and so far, no reports of harm from the false alarm are apparent. Actually, it doesn't even seem like anyone took this warning that seriously at all, considering the lack of any sort of response. And without any sort of response, doesn't that make the early warning system, well, not that useful? After an hour without much of a response, they should have just said: "This was a test of the DeepSite early warning system. Had this been a real warning..."
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: security
Companies: symantec

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    ProphetBeal, 25 Sep 2007 @ 10:01am

    Not as bad as you may think

    I think you are blowing this way out of proportion. Just because there were “no reports of harm” doesn’t mean that companies or governments that received the message didn’t take action (most likely automated action). The fact is that if someone is using this early warning system they will, most likely, not want to report anything (either success or failure) because that would be seen as a security risk.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

Introducing the new Techdirt Insider Chat, now hosted on Discord. If you are an Insider with a membership that includes the chat feature and have not yet been invited to join us on Discord, please reach out here.

Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.