Computer crime has long since gone pro. It’s been years since the computer hacker was a solo act, working out of their basement and defacing web sites for glory. These days it’s all about the money or an agenda, and adversary groups operate like businesses with division of labor and diversification. Criminals are buying up intellectual property, selling personal information and credit card numbers, and even selling their tech support to other hackers.
The best way to combat organization is to become organized, and the security community is doing just that. The OASIS Cyber Threat Intelligence (CTI) group is chartered to define how, when, and with what methods and protocols security vendors and law enforcement will all share information. Fortinet is proud to be a part of CTI. This committee for security intelligence was formed to give vendors, law enforcement, and other security organizations a place to come together to define how to share what they know about threats, information gained through standard campaign information such as tactics, techniques, procedures, indicators, targets, and recommended courses of action. Then, once the information is gathered, CTI will promote specifications on the methodology to share those threat profiles among the security community.
Three information-sharing methods are to be further defined and confirmed: STIX (Structured Threat Information Expression), TAXII (Trusted Automated Exchange of Indicator Information), and CybOX (Cyber Observable Expression). Within Oasis, anyone can contribute ideas and view the topics under discussion. The CTI group allows the general public to subscribe and comment – register here.
We consider memberships in organizations like OASIS and the Cyber Threat Alliance to be crucial for promoting awareness and standardization that brings everyone to the table to use the same language when talking about cyber security. Although there is always competition within the industry to build a better, faster, safer appliance or security services for customers, having standards allows for new invention within an established framework, as well as helping smaller organizations bring their insights and experience to the table in a way that allows the entire community to benefit.