Collaboration and knowledge sharing are essential to progress in cybersecurity
In a world of ever-changing cyber threats, collaboration and knowledge exchange are key to staying ahead of attackers
Cybersecurity is a cornerstone of today’s digital society, and progress and development in this area would not be possible without collaboration and information sharing on the latest cyber threats. This exchange of information between the various players in the public and private sectors makes it possible to counter the continuous progression of cybercrime. On the other hand, the benefits of collaboration are not lost on cybercriminals either – their sharing of unique knowledge and tools plays a significant role in the evolution and sophistication of threats.
Times are changing’
You may remember the Brain Virus and the Morris Worm, two early examples of malicious code. The latter, dating from 1988, was the first computer worm to spread across the Internet, eventually leading to the creation of the first Computer Emergency Response Team (CERT).
Since then, each new emerging threat has required countermeasures that stop potential similar attacks in their tracks. For each new technique or code developed by malicious actors, security practitioners have tried to find ways to mitigate the impact of these threats and raise awareness about them. This has led to the creation of a knowledge base that includes thousands of contributions from researchers, organizations, security companies, and even regular users. They have all collectively contributed to laying the foundations for the development of new technologies and security measures.
The motivations behind the first malicious codes were not financial. Instead, their authors were motivated by curiosity, peer recognition, or intent to cause harm. But over the years and along with the development of new technologies, a business model of cybercrime has emerged that has quickly caught the attention of more and more people.
Many threat groups these days operate like businesses that have salaried employees with separate “job roles” and even vacation days. These groups take advantage of networking opportunities and benefit from a generally high level of anonymity offered by seedy corners of the internet. The dark web, for example, has for years been a place where information, resources, and services are traded for the purpose of being deployed in future attacks.
In fact, often you don’t even need to browse the dark web. Some of the world’s most popular messaging apps, such as Telegram, are increasingly becoming hubs for cybercriminals looking to share knowledge and sell or buy stolen data and malware.
“In just over a decade, cybersecurity has evolved from a primarily technical area centered on securing networks and technology to a major strategic topic of global importance,” notes the World Economic Forum. Today, the world is concerned about attacks on nations’ critical infrastructure systems, with recent history offering several examples of such damaging attacks.
As the exchange of information on the criminal side has led to the development of new and more sophisticated attacks and threats, the cybersecurity industry has enhanced its ability to exchange threat-related knowledge.
For example, disciplines such as threat intelligence process large amounts of data to improve security processes, platforms and open source development, using input and information provided by users, companies and government agencies, as well as efforts such as the MITER ATT&CK framework, a knowledge base that facilitates the exchange of information between organizations and researchers, and global cybersecurity conferences that engage more and more people every year. people. All of this has led to advancements in the development of security technologies, as well as an awareness of the importance of secure coding.
“As long as cybersecurity follows the latest trends and advancements, we are definitely on the right track,” says Camilo Gutiérrez, ESET Latin America Lab Manager. “All security-related domains, frameworks and areas of collaboration are aligned with the need to develop the technology to ensure its availability, data integrity and privacy of user information. Given current levels of connectivity and hyper-connectivity expectations for the future, it is inconceivable to think about technology without considering security.”
On the other hand, Gutiérrez believes that the wide range of interconnected devices and systems sharing information represents one of the biggest challenges in cybersecurity. “As little as 10 years ago, when we talked about security, the conversation was only about a few operating systems and technologies. Today, the attack surface is significantly larger and will continue to grow. Therefore, the challenge in cybersecurity is to think holistically about new paradigms and technologies, rather than only addressing certain systems or technologies.
“Due to technological advances, such as blockchain or quantum computing, we are adopting new paradigms to manage information. Therefore, thinking about these new solutions from a security perspective will allow us to have a more robust; as the human factor cannot be removed, what we can do is minimize its impact,” adds Gutiérrez.
Technology has allowed us to automate processes that have contributed to human development and progress. Advances in machine learning as well as artificial intelligence, which has been gaining relevance in recent years, will remain hot topics. Meanwhile, advances in technology are making knowledge accessible to everyone, and collaboration and knowledge exchange allow us to scale and stay ahead of cyber threats, Gutiérrez said.