Financial industries have already started to set up sharing networks but others need to quickly follow suit, says Soltra chief executive. Photo: SCMP Pictures
Source:
https://scmp.com/tech/enterprises/article/1883207/better-information-sharing-networks-will-keep-hackers-bay-says Enterprises
Better information-sharing networks will keep hackers at bay, says threat intelligence specialist Soltra
Fear of spilling corporate secrets to rivals play into hands of online saboteurs, says firm’s chief executive.
A man types on a computer keyboard in Warsaw, in this February 28, 2013 file picture illustration. Microsoft Corp and the FBI, aided by authorities in more than 80 countries, have launched a major assault on one of the world's biggest cyber crime rings, believed to have stolen more than $500 million from bank accounts over the past 18 months. To match Exclusive CITADEL-BOTNET/ REUTERS/Kacper Pempel/Files (POLAND - Tags: BUSINESS CRIME LAW SCIENCE TECHNOLOGY)
The last two years have seen a series of high-profile cyber attacks on a global level, with victims including Apple, J.P. Morgan and the US government.
To combat the rise in hacking, the latest weapons of choice are not just stronger firewalls, but also improved ways of sharing information.
The finance industry has already established a network to share details on hacking cases so that companies can understand the hackers’ strategies in advance and take actions to thwart them.
Soltra, a US company that specialises in so-called threat intelligence, has come up with a network it likens to the highly placed rows of fire beacons used in medieval times to warn of invaders. The network collects and shares information on hacking attacks among its subscribers.
“Information security should no longer be comprised of disparate, disconnected silos,” said Mark Clancy, Soltra’s chief executive.
One piece of malware can be used to infiltrate hundreds of companies. Firms used to deal with each attack independently, Clancy said, but working together could greatly limit the impact of the malware and potentially make it redundant after a single attack.
Soltra is a joint-venture between DTCC, the US Depository Trust & Clearing Corporation, which clears and settles trades of securities, and the FS-ISAC, or Financial Services Information Sharing and Analysis Center, a non-profit cooperation founded by companies from the finance industry.
The company earlier developed a peer-to-peer tool it called Soltra Edge that allows companies to exchange information on attacks.
One year after its release, it had garnered over 2,000 users and built the foundation of the centralised Soltra network.
Many companies and even some social media giants have been making similar overtures.
Facebook entered the cybersecurity field by rolling out Threatexchange, an API-based platform, in February. This lets companies swap details on security threats. A related app was released in August.
So far, it has been used by over 130 companies, with early adopters including Twitter, Yahoo and Dropbox, according to Facebook.
Meanwhile, technology giant Hewlett-Packard promises to deliver information and analysis on such threats via its Threat Central plantform. HP partnered with Japan’s Hitachi and security company Alien Vault on the project.
But the sharing ethos is hampered by companies’ reluctance to look vulnerable by admitting the damage hackers have done. Pundits say many are worried about compromising their image or brand while also potentially leaking sensitive information to competitors.
Clancy said the Soltra Network protects parties’ privacy by only keeping track of certain information. For example, it may know that a company was attacked from a specific IP address, but the identity of the victim corporation and the exact source of the attack can be withheld.
A pilot version of this network will be available before the end of the year, with the full version to be rolled out before the middle of 2016, the company said in a statement.