Like the original, yesterday's variant is programmed to avoid targeting e-mail addresses used by the government, military, the search site Google and some Web domain names associated with open-source software community.
"When the bomb goes off on [Sunday], that's when we're expecting to see some major issues," said Lloyd Taylor, vice president of technology and operations at Keynote Systems Inc., a Web performance monitoring firm.
The new federal alert system is intended to make the government the trusted source of computer-security information, which currently is disseminated by various corporate, research, government and quasi-public organizations.
Cyber-threats to national infrastructure, for example, were the responsibility of the old National Infrastructure Protection Center, which was under the FBI until the Homeland Security Department was formed.
Several companies and research institutions have Web sites with information on virus, worm and other threats, with many of them selling programming solutions to network operators to fend off particular attacks. Many firms sell consumers various products to protect their home systems while providing security information.
Some security experts questioned whether the alerts are the best first use of the newly formed cybersecurity division.
"Is the lack of information sharing the biggest problem?" said Mark D. Rasch, vice president Solutionary Inc., a cybersecurity firm. "No."
But Yoran said it is important that such information come from a neutral source.
"The vendor community is focused on sales as well as on protecting their clients," said Yoran, who recently took over the division after working at Symantec Corp., which sells Norton anti-virus and other security products. "Coming from the U.S. government, the focus is solely on the public interest."
John Pescatore, a computer-security analyst for the research and consulting firm Gartner Inc., said it is especially important for consumers to have a place to go whose intent is not to sell products.
Unlike the wealth of information that is available for companies, "there's not a lot that is unfiltered for consumers," he said.
Computer users will be able to go to the division's Web site (www.us-cert.gov) for information and to sign up for regular newsletters and bulletins.
Alan Paller, head of the SANS Institute in Bethesda, a computer-security research facility, said he sees value in the government being the authority on identifying and tracking cyber-threats.
The model should be the National Weather Service, which collects primary weather data, Paller said. "Everyone else is an interpreter." With cybersecurity information, Paller said, "everyone is a collector. That model is wrong."
Because the government also has resources at the Defense Department and coordinates with industry groups that share data, Paller said, "they have access to data a little earlier. If they will tell people earlier, that will make a difference."
But Sen. Charles E. Schumer (D-N.Y.) said the effort was insufficient and potentially flawed.
"What DHS did . . . was essentially challenge computer hackers all over the world to put a virus into an e-mail that mimics the DHS e-mail warnings," Schumer said.
