In a world of ever-evolving cyberthreats, collaboration and knowledge exchange are vital for keeping an edge on attackers.
Cybersecurity is a cornerstone of today’s digital society, and progress and development in this field wouldn’t be possible without collaboration and the sharing of information on the latest cyberthreats. Such information exchange between various stakeholders from the public and private sectors makes it possible to counter the continuous advance of cyber-enabled crime. On the other hand, the benefits of collaboration aren’t lost on cybercriminals either – their sharing of knowledge and tools of their own plays a significant role in the evolution and sophistication of threats.
The Times They Are a-Changin’
Perhaps you’re recall the Brain Virus and the Morris Worm, two early examples of malicious code. The latter, dating back to 1988, was the first computer worm to spread through the internet, ultimately leading to the creation of the first Computer Emergency Response Team (CERT).
Ever since, each new emerging threat has necessitated countermeasures that stop potential similar attacks dead in their tracks. For each new technique or code developed by malicious actors, security practitioners have tried to find ways to mitigate the impact of these threats and to raise general awareness about them. This has led to the creation of a knowledge base that includes thousands of contributions made by researchers, organizations, security companies, and even regular users. They all have collectively helped lay the foundations for the development of new technologies and security measures.
The motivations behind early malicious code were not financial. Instead, their authors were driven by curiosity, peer recognition or the intent to cause damage. But over the years and along with the development of new technology, a cybercrime business model emerged and quickly caught the eye of an increasing number of people.
These days, many threat groups operate like companies that have salaried employees with distinct ‘job roles’ and even vacation days. These groups take advantage of networking opportunities and benefit from a generally high level of anonymity offered by the internet’s seedy recesses. The dark web, for instance, has for years been a place where information, resources and services are marketed with the aim of being deployed in future attacks.
In fact, oftentimes you don’t even need to roam around the dark web. Some of the world’s most popular messaging apps, such as Telegram, are increasingly becoming hubs for cybercriminals who are looking to share knowledge and sell or buy stolen data and malware.
“In little over a decade, cybersecurity has been transformed from a primarily technical domain centered on securing networks and technology to a major strategic topic of global importance,” notes the World Economic Forum. Today, the world is concerned about attacks against nations’ critical infrastructure systems, with recent history offering several examples of such damaging attacks.
As the exchange of information on the criminal side has resulted in the development of new and more sophisticated attacks and threats, the cybersecurity sector has strengthened its capacity to exchange threat-related knowledge.
For example, disciplines such as threat intelligence process vast amounts of data to enhance security processes, platforms and open source development, using contributions and information provided by users, companies, government agencies, as well as efforts such as the MITRE ATT&CK framework, a knowledge bases that facilitates the exchange of information between organizations and researchers, and global conferences on cybersecurity that engage more and more people every year. All this has led to progress in the development of security technologies, as well as raised awareness about the importance of secure coding.
“As long as cybersecurity keeps up with the latest trends and advances, we are undoubtedly on the right path,” says Camilo Gutiérrez, Head of ESET’s lab in Latin America. “All security-related fields, frameworks and collaboration areas are aligned with the need to develop technology in order to ensure its availability, data integrity and the confidentiality of user information. Given the current connectivity levels and the hyper-connectivity expectations for the future, it is inconceivable to think about technology without considering security.”
On the other hand, Gutiérrez thinks that the wide range of interconnected devices and systems sharing information represents one of the greatest cybersecurity challenges. “Barely 10 years ago, when talking about security, the conversation involved just a few operating systems and technologies. Today, the attack surface is considerably larger and will continue to grow. Therefore, the challenge in terms of cybersecurity consists in thinking holistically about new paradigms and technologies, rather than dealing with only certain systems or technologies.”
“Due to advances in technology, such as the blockchain or quantum computing, we embrace new paradigms to handle information. Therefore, thinking of these new solutions from the security point of view will allow us to have more robust technology; as the human factor may not be removed, what we can do is minimize its impact,” adds Gutiérrez.
Technology has allowed us to automate processes that contributed to the development and progress of humankind. Advances in machine learning as well as in artificial intelligence, which has been gaining relevance in recent years, will remain hot topics. Meanwhile, technological leaps make knowledge available to everyone, and collaboration and knowledge exchange allow us to evolve and stay ahead of cyberthreats, said Gutiérrez.
by Juan Manuel Harán, ESET