McAfee, Symantec, Fortinet and Palo Alto Networks, the worlds biggest and foremost security companies have formed an alliance to counter the growing cyber crime in the world. They have co-founded the Cyber Threat Alliance. The foremost mission CTA is to bring about a coordinated effort to fight the cyber crimes especially against the latest adversaries from Russia and Eastern Europe, through deep collaboration on threat intelligence.
It seems that the recent top level security breaches and leaks have shaken the entire cyber security agencies. Starting with Target and other stores in December, 2013 and finishing with the massive 4.2 billion credentials dump at the hands of Russian cyber thugs, add to that the recent dumping of 5 million gmail logins and passwords have made the security researchers get sleepless nights at the brazenness of the cyber criminals. The CTA will work towards providing a framework to the above security companies and save the world cyber system against multidimensional attacks moving beyond just sharing malware samples. CTA will also address zero-day vulnerabilities, botnet command and control (C&C) server information, mobile malware samples, and indicators of compromise (IoCs), Denial of Service (DoS) attacks related to malware and RATs.
“You don’t have to be entrenched inside the world of network security to see how serious attacks have become in the world of computing,” the Alliance said in a white paper. “In the past year alone, we’ve seen breaches on a scale that we would have once considered unthinkable: tens of millions of credit card records, addresses, phone numbers, usernames and passwords, and other kinds of personally identifiable information have been stolen from corporations, organizations and government bodies. This information is quickly bundled up into packages and sold to criminals to facilitate financial fraud.”
“But the threats don’t stop with the theft of customer data. Other attackers focus on building large botnets and illicit infrastructure for different means. Botnets today are often used to launch massive distributed denial-of-service attacks on targets located around the world. Recruiting a botnet and taking a competitor offline for an extended amount of time is literally as simple as a few mouse clicks and sending a handful of anonymous virtual currency to the bot’s master. Other botnets are used to help distribute spam by the billions and infiltrate social media accounts to spam stories and comments that typically link to sites selling counterfeit goods.”
The security agencies are pledging dedicated security researchers for the project. McAfee alone is pledging close to 450 of its researchers for the alliance.
“As our dependence on the internet continues to grow, so too does our vulnerability to the increasingly frequent and sophisticated attacks that cyber-criminals wage on businesses and consumers. We must meet these aggressive attacks with not only innovative technology and expertise, but also deeper industry collaboration to ensure our defense is strongest,” said Gert-Jan Schenk, EMEA and Canada president of McAfee, in a statement.
He added, “By creating this cyber-alliance we now have the framework in place to educate one another on complex and multidimensional attacks, moving beyond just malware samples. In the absence of substantive legislation fostering this intelligence exchange, the industry must lead the way, and this makes the alliance an important milestone in tackling today’s cybersecurity threats.”
