The ANI vulnerability has been been of recent concern. I've been waiting for a few key events to be confirmed before adjusting the INFOCon. We don't take these decisions lightly.
Rating systems such as Symantec's ThreatCon (currently at 2 of 4,) FS/ISAC's Cyber Threat Advisory (currently at Guarded,) and our INFOCon (now at Yellow) all have their particular niche. Symantec focuses on their AV and managed-security-service customers. FS/ISAC focuses on financial institutions. The Internet Storm Center's INFOCon intent is to "to reflect changes in malicious traffic and the possibility of disrupted connectivity."
In the initial stages of this event, we did not satisfy the criteria to raise the INFOCon level. Now, we have a different landscape.
Mar 31st 2007
1 decade ago