The Security Detail

Mar 28 2013   11:09AM GMT

DarkSeoul demonstrates need for sharing security information

Tony Bradley Tony Bradley Profile: Tony Bradley

Consider a jigsaw puzzle. Assume you don’t have the box with the picture of the completed puzzle on it–just a pile of pieces. You don’t know what the end result is supposed to look like, but you can at least start with the straight edges, match like colors and images, and eventually put the puzzle together to reveal the full image.

Now think about whether or not you could guess what the whole puzzle looks like if you only have one piece.

That is similar to the dilemma companies–and nation-states–face when it comes to defending against sophisticated cyber attacks. One company may have one piece of the puzzle, and another company may see some suspicious activity that reveals another piece of the puzzle. But, unless the different parties get together and compare their pieces it’s very difficult to put the whole puzzle together to get the big picture view of what’s going on.

A blog post from Cisco analyzing the recent DarkSeoul attacks against assets in South Korea, explains, “There is a renewed push for data sharing and transparency in the industry, and incidents like this one highlight how important this sharing is to the entire community of defenders.”

Cisco stresses that data-sharing is a crucial element of an effective cyber defense.

Congressmen Mike Rogers (R-MI) and Dutch Ruppersberger (D-MD)–leaders of the House Permanent Select Committee on Intelligence–recently resubmitted the Cyber Intelligence Sharing and Protection Act (CISPA) for consideration. CISPA was shot down last year, but the dramatic increase in both volume and scope of sophisticated cyber attacks such as DarkSeoul illustrates the need for broader sharing of information between the national intelligence community, security vendors, and private corporations in general.

There is still significant backlash against CISPA. There are privacy and oversight concerns to overcome, but most have been addressed already through amendments. CISPA–or legislation much like it–is essential to facilitate the kind of data sharing necessary for putting all of the pieces of the puzzle together. Without it, everyone will just stare at their own piece of the puzzle and wonder what the rest of it looks like until it’s too late.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: