Cybercriminals are getting more sophisticated, enabling them to carry out more destructive and costly cybercrimes. According to Interpol’s Doug Witschi, to combat this private security firms and law enforcement need to work together.
There has been a rise in ransomware attacks across the world and with politicians calling for more public-private threat intelligence sharing, it is crucial to address the problem.
While talking with The Register, Witschi, the assistant director for cybercrime threat response and operations at Interpol said, they have been successful in combating the increasing well-funded targeted attacks thanks to the agency’s Gateway cyber-threat intel sharing project.
He said, “We’re not going to be able to arrest ourselves out of this problem. We need to work as a global community on this challenge. And Gateway is one step in that direction.”
The Interpol in collaboration with the project private-sector security shops such as Fortinet, Palo Alto Networks, Trend Micro, Kaspersky Lab, and others are able to share info with Interpol member countries’ law enforcement agencies. This helps them in investigating cybercrime and attribute attacks to the various crime rings.
Last year the Interpol managed to nab six Clop ransomware gang members in Ukraine, under the international law enforcement operation code-named “Operation Cyclone.”
The operation was a fruit of a 30-month-long coordination between Interpol’s Cyber Fusion Center in Singapore and threat intel provided by Trend Micro, CDI, Kaspersky Lab, Palo Alto Networks, Fortinet, and Group-IB through the Gateway project.
In the future, Interpol will undergo a “cyber surge” in 30 African countries. This involves the Gateway threat-sharing security partners, focusing on pumping resources into both identifying threats and helping local law enforcement disrupt cybercrime rings.
Derek Manky, chief security strategist at Fortinet said, “But within the Gateway program, what’s unique is that it allows us a channel to respond to requests for intelligence. It could be a piece of malware or a new vulnerability that’s breaking. And we contextualize that.”
He finally said, “We need to partner to fight back and disrupt cybercrime, because, without that, it’s a runaway train.”
PoC for Recent Java Cryptographic Vulnerability Released
Amazon’s Hotpatch for Log4j Flaw Vulnerable to Privilege Escalation Bug
New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops