Facebook is launching a social
network for cyber security professionals to share information about
threats that could lead to cyber attacks, as the US government and companies
search for new ways to co-ordinate their defences.
The world’s largest social network is stepping up its work in
cyber security by teaming with other technology companies including Yahoo and
online scrapbooking site Pinterest. The
platform will enable companies to share clues about how hackers are behaving in
the hope of preventing security breaches.
As cyber attacks hit companies from Sony Pictures to health
insurer Anthem, the private and public sector are under pressure to work
together to understand their adversaries. Hackers join forces and share tips to
break into networks but so far, communication about cyber defence has often
been haphazard.
Mark Hammel, Facebook’s manager of threat infrastructure, said
ThreatExchange had been developed from a system that Facebook was already using
internally to make it easier to catalogue threats to the site in real time.
Facebook’s decision to share the tool comes at a time when the
company is trying to broaden its appeal beyond social interactions with friends
and family and make the product a tool that is useful in the workplace. The
company is also trying out a site and app called Facebook at Work, designed to
facilitate internal collaboration between colleagues.
Mr Hammel said Facebook would give the cyber security service away
for free, unlike some other threat detection systems.
“We feel that as our product’s footprint has grown, with the
number of people using it to communicate, we have the ability to spend more
time on broader security issues that affect the internet,” he said. He added
Facebook was “really well positioned” with its “social sharing model” to direct
a threat project such as this.
He added that Yahoo and Pinterest were good initial partners
because they faced similar threats and had sizeable user bases. “Together,
we’re protecting a pretty sizeable percentage of the internet,” he said.
The ThreatExchange comes after Barack Obama, US president, put
information sharing at the heart of his cyber security proposals announced
ahead of the State of the Union speech last month. He proposed legislation that
would make it easier for companies to share information about cyber threats
with the government.
The US government announced this week that it would be
establishing a new agency, modelled on the National Counterterrorism Center
with the aim of bringing together information from all arms of government
during a cyber incident.
Mr Obama is expected to flesh out those proposals at a White House
summit held at Stanford University on Friday, while appealing to the technology
industry to do more to help.
The financial industry already leads the way in sharing
information. The Financial Services Information Sharing and Analysis Center —
known as FS-ISAC — joined the Depository Trust and Clearing Corporation, the
post-trade services provider, last September to launch the first widespread
not-for-profit intelligence service. The project is funded by 12 large
companies from sectors including finance, energy and healthcare.
But many analysts say information sharing is a key challenge for
cyber defences. Last year saw a steep acceleration in attacks on businesses.
These included the largest ever breach of personal data at a retailer at Home
Depot, as well as the attack on Sony Pictures that the FBI has said was
orchestrated by North Korea.
No comments:
Post a Comment