Public and private sectors call for more data sharing to combat cyber crime

When it comes to the battle for security in the digital world, there can be little doubt that cyber criminals currently have the upper hand and their momentum is not expected to slow down any time soon.

NHS Trusts are experiencing more ransomware attacks than ever before, underground marketplaces around the world are continuing to increase in sophistication and a recent report predicted that there will be more cyber attacks in the next three years than there were in the last five combined.

As well as external threats, businesses also have to deal with insider attacks and the situation is only going to get more confusing in the future as the Internet of Things continues to expand and the number of connected devices continues to grow.

So, it seems pretty clear that something is currently going wrong with cyber security, but what’s the answer?

Having spoken to multiple people within the security sector recently, both in the private and public sectors, one of the constant themes that has emerged is the importance of data sharing. One of the reasons why we have fallen behind cyber criminals - according to Timothy Wallach, Supervisory Special Agent for the Cyber Taskforce at the FBI – is that “the bar to entering cybercrime has been lowered because of the availability of goods and resources on the underground. Once you’re trusted in – particularly the more sophisticated forums - you don’t necessarily need to have the high technology capabilities or technology skills because you can just buy what you need.”

But he believes that, in order for us to catch up, “the collection and sharing of intelligence” will be vital, not just between government entities but also with private industry. He continued: “Partnerships are the other key for attacking this problem. Partnerships among government organisations, law enforcement agencies, between the US law enforcement agencies and foreign law enforcement agencies and then partnerships between private industry and government as well. There really has to be a holistic approach as that’s the only way that this problem is going to be attacked efficiently.”

But is there enough being done at the moment? “It’s a work in progress,” said Wallach, a sentiment echoed by Philip Amann – Senior Strategic Analyst at Europol – who spoke about one of the key issues facing law enforcement: “You hear the same things over and over again that we need to share more, but quite often we don’t walk the walk, the key issue being trust. We have to build up that trust environment until people are ready and willing to share data with law enforcement. We need to be able to show that whatever they share with us is safe.

“When I look at how we work I think that it’s improving, we just have to show that we can have an impact and that they can trust us, but there’s still a lot of work to do. It’s a constant process and I think we’re certainly on the right track.” 

Amann also highlighted the importance of sharing the right type of information, in order to create a “more comprehensive intelligence picture. There’s a difference between data, information, intelligence and evidence,” he said. “Data and information you can automate to a large extent, so for law enforcement we’re really interested in receiving intelligence.”

This point also rings true for the private sector, where businesses can make themselves more secure by learning from the experiences of other companies through the sharing of information. “There are benefits to be gained from sharing data on attacks and being part of a co-ordinated response to attacks," said David Emm, principal security researcher at Kaspersky Lab. “They can not only learn about the methods used by attackers, but can see how their peers have successfully repulsed such attacks. In this way, they can learn from the mistakes – and the successes – of other organisations and make their own infrastructure more resilient.”

It’s of course understandable that businesses wouldn’t be keen to share private information with competitors and law enforcement agencies, but cyber security isn’t an issue that any one company can solve on its own.

Cyber criminals themselves are sharing data to increase their power and it’s time that those on the side of a secure internet for all did the same.

Image Credit: Deepadesigns / Shutterstock