At­tack­ers work to­gether, so vic­tims should too


Mod­ern cy­ber­se­cu­rity is about re­spond­ing rapidly, iso­lat­ing at­tacks and shar­ing in­for­ma­tion. In­no­va­tive tech­nolo­gies such as cloud-based so­lu­tions and big data an­a­lyt­ics are help­ing.

“One big trend which is help­ing on this front is the rise of ISAOs [in­for­ma­tion shar­ing and anal­y­sis or­gan­i­sa­tions] which en­able the shar­ing of in­for­ma­tion about cy­ber­at­tacks ” says Karl McDer­mott, head of con­nected so­lu­tions at Three.

An Obama White House ini­tia­tive, “the con­cept be­hind ISAOs is that the hack­ers are work­ing to­gether, so the po­ten­tial vic­tims should be too”.

It marks a ma­jor shift for or­gan­i­sa­tions that, un­til re­cently, would have found the idea of ad­mit­ting an at­tack, let alone shar­ing in­for­ma­tion with com­peti­tors about what was lost and how, anath­ema. “With ISAOs, if a threat is found, that in­for­ma­tion is shared, as a way of mit­i­gat­ing it,” he says.

Banks are also es­tab­lish­ing cy­ber de­fence al­liances.

The Euro­pean Union re­cently ap­proved a Net­work and In­for­ma­tion Se­cu­rity Di­rec­tive with sim­i­lar ob­jec­tives. The di­rec­tive re­quires that mem­ber states form a Com­puter Se­cu­rity In­ci­dent Re­sponse Team, and that busi­nesses in crit­i­cal in­fra­struc­tures no­tify na­tional author­i­ties when cy­ber­se­cu­rity in­ci­dents oc­cur. It also man­dates that busi­nesses set up a co-op­er­a­tion group to fa­cil­i­tate shar­ing of in­for­ma­tion about risks.

Ac­coun­tancy and pro­fes­sional ser­vices firm PWC iden­ti­fies this trend in To­ward New Pos­si­bil­i­ties in Threat Man­age­ment, es­sen­tially key find­ings from its Global State of In­for­ma­tion Se­cu­rity 2017.

It looks at pi­o­neer­ing work by the US state of Vir­ginia, which an­nounced a state-level ISAO two years ago. Vir­ginia was also the ear­li­est state to im­ple­ment the US’s NIST Cy­ber se­cu­rity Frame­work, which en­cour­ages the shar­ing of cy­berthreat in­for­ma­tion.

It paved a path that or­gan­i­sa­tions in this part of the world are likely to fol­low. And it is still lead­ing the way. Vir­ginia re­cently es­tab­lished a pub­lic-pri­vate work­ing group with Vir­ginia State Po­lice to ad­dress the po­ten­tial for cy­ber­at­tacks on con­nected au­to­mo­biles.

De­tect and pre­vent

The work­ing group com­prises stake­hold­ers from fed­eral and state govern­ment agen­cies, academia and pri­vate sec­tor cy­ber­se­cu­rity com­pa­nies. It aims to help of­fi­cials un­der­stand how to de­tect and pre­vent cy­ber­se­cu­rity at­tacks on ve­hi­cles and on other con­sumer de­vices. The rise of the so called In­ter­net of Things – smart, con­nected, dig­i­tal de­vices – makes this a press­ing is­sue .

Vir­ginia leads the way in im­ple­ment­ing a threat-in­tel­li­gence so­lu­tion from a cy­ber­se­cu­rity so­lu­tions provider. Like pub­lic or­gan­i­sa­tions the world over, the US state is a repos­i­tory of per­son­ally iden­ti­fi­able in­for­ma­tion about its res­i­dents, from births and deaths to tax re­turns and health in­for­ma­tion.

In 2016 the state’s of­fi­cials noted an in­crease in phishing at­tacks. It im­ple­mented a so­lu­tion that en­ables it to mon­i­tor in­bound and out­bound traf­fic. The so­lu­tion also helps se­cu­rity an­a­lysts ex­e­cute and in­spect ad­vanced mal­ware, ran­somware and ad­vanced per­sis­tent threat at­tacks, known as APTs.

The PWC re­port says this united front “makes the com­mon­wealth’s motto Sic Sem­per Tyran­nis – Thus Al­ways to Tyrants – more fit­ting than ever.”

Newspapers in English

Newspapers from Ireland

© PressReader. All rights reserved.