Facebook launches ThreatExchange: Can information sharing thwart cyberattacks?
Facebook has launched ThreatExchange, a social network of sorts designed to allow companies to share information and intelligence about cyberthreats. The move is the latest example in how an age of cooperation may be emerging as companies increasingly battle cyberattacks of various stripes.
Consider the following:
Facebook's ThreatExchange is designed to be an information clearinghouse since threats usually go after multiple targets. Facebook's bet is that the more companies share intelligence the easier it will be to derail the bad guys. Initial partners to ThreatExchange include Bitly, Dropbox, Facebook, Pinterest, Tumblr, Twitter, and Yahoo. ThreatExchange is an application programming interface that builds on Facebook's internal threat system called ThreatData. Not surprisingly, ThreatExchange is a social platform to share bad URLs, domains and safeguards.
Google's VirusTotal unit, which runs independently, is working with Microsoft to spot false positives in antivirus software. VirusTotal said in a blog post: "We have been working on this for just one week and with just one company, Microsoft, yet results look very promising: over 6000 false positives have been fixed. We would like to extend a big thank you to the Microsoft team for sharing metadata about its software collection and to the antivirus industry as a whole for the false positives remediation." Aww. That's just so warm and fuzzy. Don't get to carried away by this Google and Microsoft detente. After all, the search giant will still out Microsoft vulnerabilities before they are fixed. But it's a start.
The U.S. government is launching a new agency designed to coordinate efforts when battling cyberthreats. The Washington Post outlined the agency, the Cyber Threat Intelligence Integration Center. The goal is to combine intelligence from multiple departments.
Here's the upshot from these three data points. Information sharing across industries, companies and the government is critical to battling cyberattacks, which are increasingly carried out by governments or their proxies. Meanwhile, cybercrime is a huge business. Without information sharing and coordination criminals can simply pluck off vulnerable silos repeatedly.
What remains to be seen if this cooperation ushers in a new age of security collaboration or simply makes an interesting headline before the next big attack.