The World Economic Forum (WEF), along with some tech heavyweights, wants to map the entire cybercrime ecosystem.
The goal of the project, revealed at the recent RSA Security Conference, is to better understand who's who in the world of cybercrime, who's friends with whom, who outsources what parts of the cyberattack effort to whom, who builds, and who uses what. tools and software.
With this information, it was said, attribution will be made easier, which, in turn, will greatly facilitate the issuance of arrest warrants, seizures, and asset seizures. By mapping the entire world of cybercrime, companies believe they will make cyberspace a safer environment for everyone.
open source data
The project is called The Atlas Initiative, and in addition to the WEF, other contributors include Fortinet, CTA, and Microsoft.
"It's not a stream of threats," Derek Manky, chief security strategist at FortiGuard Labs, said on an RSA conference panel about the project. "We're looking for non-traditional artifacts. Think: cryptographic addresses and bank accounts, phone numbers, emails, things that ultimately help with the attribution challenge, which we always say is the Holy Grail."
As they develop the Atlas project, all data used will be open source. Companies will not only be looking for technical indicators of compromise, antivirus (opens in a new tab), or firewall data (opens in a new tab), but also things like social media accounts, indictments and other court documents, blogs, and almost anything. other non-proprietary information there.
"One of the issues we often run into when we talk about sharing information is: Is it private sector property? Is it a work product that they don't necessarily want to share? Classified information from governments? But that's not the case. ". It doesn't mean there is no information available," said Amy Hogan-Burney, associate attorney and general manager of Microsoft's digital crime unit.
Para empezar, el grupo will be centered in 13 actors of amenazas. While no names have been dropped, media is speculating that TrickBot, Conti, Evil Corp, DarkSide, and the Lazarus Group, which have been infecting millions of endpoints (opens in a new tab) for years now, will the Copa.
Via: The Registry (Opens in a new tab)