Collaborating Against Cybercriminals Through Data Exchange

Criminal networks have already established seamless operational synergy, exchanging tactics and intel about potential targets within the underground community.


In the ever-evolving landscape of cyber threats, collaboration between cybersecurity companies and regulatory bodies is proving to be a powerful tool in the fight against cybercrime.

The dark web, a vast and largely criminal-dominated marketplace, serves as a testing ground for cybercriminals. Hackers, such as those who recently breached Cartier's systems, make off with valuable customer data. The cybercrime economy, valued at a staggering $10.5 trillion, continues to grow stronger while our defenses remain in shambles.

One of the challenges in combating this global issue is the lack of consistent naming conventions. One security vendor may track a threat group under one name while another vendor refers to it by a different name, so organizations waste time and resources correlating threats across vendor reports.

To address this issue, partnerships like the recent alliance between CrowdStrike and Microsoft have been formed. This partnership, with a well-thought-out governance system, allows for collaboration on threat attribution while protecting proprietary techniques and competitive advantages. As a result, the identities of over 80 adversaries have been resolved through direct collaboration among analysts.

The European Union is also taking steps to combat cybercrime. The NIS2 Directive, Cyber Resilience Act, and Cyber Solidarity Act, among other initiatives, affect hundreds of thousands of entities across essential and important service sectors. The EU coordinates threat intelligence sharing among member states through ENISA, its cybersecurity agency.

On a national level, the United States has multiple regulatory bodies that have implemented disclosure mandates requiring incident reporting within specific timeframes. Information Sharing and Analysis Centers (ISACs) provide timely intelligence and real-world insights to boost security, with 26 U.S. states adopting the NAIC Model Law to encourage information sharing in the insurance sector.

Effective threat intelligence sharing creates exponential defensive improvements and lowers the chances of success for attackers. Smaller organizations can unlock enterprise-level intelligence capabilities by getting involved in sector-specific ISACs, signing up for professional OSINT services, and adopting standardized threat intelligence platforms.

Open Source Intelligence (OSINT) can quickly identify stolen credentials, leaked source code, and emerging attack vectors in real time. However, continuous surveillance of the dark web can sometimes leave organizations vulnerable to malware infections and legal trouble. Collaborative intelligence frameworks can collect insights from the dark web while shielding companies from direct risks.

In the retail sector, companies like Victoria's Secret, Marks & Spencer, The North Face, and Harrods have faced cyber attacks, ranging from credential stuffing attacks to system intrusions. These incidents highlight the need for robust cybersecurity measures and effective threat intelligence sharing.

Building trust and secure communication is crucial in these collaborative efforts. Public-private partnerships use clear protocols and defined communication channels to protect sensitive data while enabling fast threat intelligence sharing. Compliance mandates, such as the GDPR and PCI DSS, encourage companies to adopt strong cybersecurity measures that facilitate trustworthy sharing.

In conclusion, collaboration under regulatory mandates provides legally backed, trust-based, and standardized information-sharing frameworks that improve threat visibility and responsiveness, strengthening the collective defense against cybercrime. This collaborative approach not only benefits individual organizations but also contributes to a safer and more secure digital world.

