The SANS Internet Storm Center has been doing this for ages. It has the advantage of being data driven, using the DShield reports as a primary sensor mechanism.
http://isc.sans.org/ >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:full-disclosure- >[EMAIL PROTECTED] On Behalf Of Mike C >Sent: Saturday, November 29, 2008 9:35 PM >To: Full Disclosure >Subject: [Full-disclosure] Project Chroma: A color code for the state >ofcyber security > >Hi, > >It is time to take an example from Homeland Security and define codes >of color for cyber-warfare threat levels. I propose the following: > >Green level: There is negligible threat to online security. >Yellow level : There is a minimal level of threat, and this must be >monitored and contained. >Orange level: This level of threat indicates there are parties who are >actively engaging in cyber-warfare. Caution is required when online. >Red level: This level indicates a full blown cyber-war. It indicates >very high probability of all communications being intercepted. > >While homeland security's implementation does not seem to have a real >world merit, such a threat level would certainly be very useful in the >online security realm. Please disseminate this announcement of the >project Chroma levels for online security. The immediate mission of >the project is to be picked up by the antivirus and security tools >vendors, so as to add the color codes to their products and provide >users with a tangible measure of their online security. > >Current status: Threat level Yellow. > >-- >MC >Security Researcher >Lead, Project Chroma. > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
