Last Friday, I had the opportunity to join CNBC’s popular morning show, Squawk Box to discuss cyber threats posed by criminal networks and terrorist organizations. For both groups, physical and cyber safe havens are critical for their success. These entities need clandestine platforms to serve as a base of operations to communicate, finance and plan crimes and/or attacks. From a cyber perspective, the Deep Web/Dark Web affords them just that.
Over the last decade, we have seen an exponential growth of not only illicit forums and services supporting cyber and physical attacks, but, a corresponding increase in sophisticated attacks. Criminals and terrorists can utilize encrypted communication channels to coordinate and collaborate activities globally, including: anonymous payment system channels for finance and money laundering, as well as bulletproof hosting services for malware delivery, and command and control (C&C).
During my interview, I was asked about Anonymous’ declaration that they will attack global terrorist organizations—which by some accounts, has already begun. While I can’t directly comment on Anonymous’ capability, nor the impact of their attacks, I can confidently point that mitigating these types of attacks, whether cyber or physical remain a shared responsibility. Beyond Anonymous, Ghost Security Group has reportedly been busy attacking and exposing many terrorist organizations around the world. However, an interesting distinction between the two is Ghost Security Group asserts that they work closely with, but not at the direction, of, law enforcement to provide critical threat intelligence from the cyber underground.
While I don’t endorse or support any illegal activity, if the claims of the Ghost Security Group are to be believed, I can’t help but to ask myself—“Are they this generation’s Guardian Angels?”
As the discussion continued, I cited a prime recent example of shared responsibility— the great collaboration between the U.S. and U.K. for Operation Resilient Shield. Last week, Resilient Shield was a “paper-based transatlantic exercise focused on improving information sharing and planning in the context of a cyber-attack” on the financial sector.
Participants from abroad included CERT-UK, the UK Financial Authorities (HM Treasury, the Bank of England and the Financial Conduct Authority), cabinet office, the National Crime Agency, the Office of Cyber Security & Information Assurance and U.K. intelligence agencies. Representatives from the White House National Security Council, the Department of Treasury, the Department of Homeland Security, the FBI, the U.S. Secret Service, several reserve banks and other financial sector organizations represented America’s interest.
Although Resilient Shield represents a strategic tabletop exercise with little operational and live testing of systems and programs, it is a great start. Organizations with the help of private and public partnerships need to develop similar cybersecurity strategies from available and applicable frameworks, and test them frequently and vigorously.
Private and public partnerships are absolutely essential to help prevent, protect, detect, respond and recover from physical and cyber attacks. While I can’t endorse the Ghost Security Group, I do support any group that is willing to stand up and be counted.
At Trend Micro, we believe in contributing to the greater good through our extensive threat research in the Deep and Dark Web, as well as our partnership with law enforcement. Ultimately, we believe that our own true competitors are individuals and groups that seek to use the Internet to do harm.
Please add your thoughts in the comments below or follow me on Twitter; @Ed_E_Cabrera.