The World Economic Forum (WEF), along with some tech heavyweights, wants to map the entire cybercrime ecosystem.
The goal of the project, revealed at the recent RSA Security Conference, is to better understand who's who in the world of cybercrime, who's friends with whom, who outsources what parts of the cyberattack effort to whom, who builds, and who uses what. tools and software.
With this information, it was said, attribution will be made easier, which, in turn, will greatly facilitate the issuance of arrest warrants, seizures, and asset seizures. By mapping the entire world of cybercrime, companies believe they will make cyberspace a safer environment for everyone.
open source data
The project is called The Atlas Initiative, and in addition to the WEF, other contributors include Fortinet, CTA, and Microsoft.
"It's not a stream of threats," Derek Manky, chief security strategist at FortiGuard Labs, said on an RSA conference panel about the project. “We are looking for non-traditional artifacts. Think: crypto addresses and bank accounts, phone numbers, emails, things that ultimately help with the attribution challenge, which we always say is the Holy Grail."
As they develop the Atlas project, all data used will be open source. Companies will not only be looking for technical indicators of compromise, antivirus (opens in a new tab), or firewall data (opens in a new tab), but also things like social media accounts, indictments and other court documents, blogs, and almost anything. other non-proprietary information there.
“One of the problems that we often run into when we talk about sharing information is: Is it owned by the private sector? Is it a work product that you don't necessarily want to share? Government classified information? But it is not like that". It doesn't mean there isn't information available,” said Amy Hogan-Burney, associate attorney and general manager of Microsoft's digital crime unit.
To start, the group will focus on 13 threat actors. Well that nom nait été abandonne, the speculative media sur le fait que TrickBot, Conti, Evil Corp, DarkSide et le groupe Lazarus, qui infectent des millions of terminals (ouvre dans un nouvel onglet) depuis des années maintenant, feront the cup.
Via: The Registry (Opens in a new tab)