Common Malware Enumeration initiative

Well, this is a good idea and a long time coming, I’m sure everyone has been confused at some time in the past with viruses and their names, variants, etc. The Common Malware Enumeration initiative is meant to reduce the confusion caused by the different names security companies give viruses, owrms, and other pests.

“There is a lot of confusion over the way that malware is referred to,” Desiree Beck, the technical lead for the CME initiative, said in an interview. “We’re trying to alleviate that by giving malware a common identifier, so everybody is talking about the same thing when some malware event happens.”

The antivirus industry has tried, and failed, before to agree on common naming for worms and viruses. This time, US-CERT, the part of the U.S. Department of Homeland Security that coordinates response to cyberattacks, is running the show. With that in mind, and because the plan allows companies to keep their own naming by assigning an ID rather than a common name, security software makers are hopeful that the effort will be a success, and they’re eager to participate.

Here is a link to their homepage and a link to the news.com story.

CME is not an attempt to solve the challenges involved with naming schemes for viruses and other forms of malware. Instead, CME is working with the security community to facilitate the adoption of a shared, neutral indexing capability for malware. An example of a CME identifier would be: CME-123.