US non-profit IT company MITRE today announced the Common Malware Enumeration Initiative. Headed by the United States Computer Emergency Readiness Team (US-CERT) and supported by an editorial board of anti-virus vendors and related organizations it should provide a neutral, shared identification method for malware outbreaks.
During a virus outbreak, participants on the CME board request an identifier from an automated system by providing a sample of the virus and as much additional information as possible. An identifier in the format ‘CME-N’ where N is an integer between 1 and 999 is generated and distributed to the other participants. The participants then disseminate the CME identifier to their contacts in the industry and reference the CME identifier on their web pages, in their product, or when speaking to the press.
Mark Harris, director of SophosLabs at Sophos, one of the CME Editorial Board members, commented: “Historically, regulating virus naming has proven difficult for security vendors, because of the need to issue threat protection as quickly as possible to customers. We encourage more anti-virus vendors to participate in this initiative, which will benefit customers involved in securing their computers from malware attack without disrupting the serious work of rapid virus analysis and protection.”
More information on CME is available at http://cme.mitre.org