A group of security heavy hitters—McAfee, Symantec, Fortinet and Palo Alto Networks—have come together to co-found the Cyber Threat Alliance. The mission of the alliance is to drive a coordinated industry effort against cyber-adversaries through deep collaboration on threat intelligence.
Keeping ahead of increasingly sophisticated cybercrime attacks requires in-depth and constant knowledge of the fast-moving threat landscape. The Alliance will provide the framework for the companies to educate one another on complex and multidimensional attacks, moving beyond just sharing malware samples. The information addressed includes details on zero-day vulnerabilities, botnet command and control (C&C) server information, mobile malware samples, and indicators of compromise (IoCs) related to advanced persistent threats (APTs).
“You don’t have to be entrenched inside the world of network security to see how serious attacks have become in the world of computing,” the Alliance said in a white paper. “In the past year alone, we’ve seen breaches on a scale that we would have once considered unthinkable: tens of millions of credit card records, addresses, phone numbers, usernames and passwords, and other kinds of personally identifiable information have been stolen from corporations, organizations and government bodies. This information is quickly bundled up into packages and sold to criminals to facilitate financial fraud.”
It added, “But the threats don’t stop with the theft of customer data. Other attackers focus on building large botnets and illicit infrastructure for different means. Botnets today are often used to launch massive distributed denial-of-service attacks on targets located around the world. Recruiting a botnet and taking a competitor offline for an extended amount of time is literally as simple as a few mouse clicks and sending a handful of anonymous virtual currency to the bot’s master. Other botnets are used to help distribute spam by the billions and infiltrate social media accounts to spam stories and comments that typically link to sites selling counterfeit goods.”
So, in addition to evolving the alliance framework and bylaws, the co-founders will each dedicate resources to determine the most effective mechanisms for sharing advanced threat data to foster collaboration among all alliance members. McAfee alone is pledging the attention of 450 of its researchers.
“As our dependence on the internet continues to grow, so too does our vulnerability to the increasingly frequent and sophisticated attacks that cyber-criminals wage on businesses and consumers. We must meet these aggressive attacks with not only innovative technology and expertise, but also deeper industry collaboration to ensure our defense is strongest,” said Gert-Jan Schenk, EMEA and Canada president of McAfee, in a statement.
He added, “By creating this cyber-alliance we now have the framework in place to educate one another on complex and multidimensional attacks, moving beyond just malware samples. In the absence of substantive legislation fostering this intelligence exchange, the industry must lead the way, and this makes the alliance an important milestone in tackling today’s cybersecurity threats.”