14 DAY TRIAL // The Anti-Spyware Coalition (ASC), National Cyber Security Alliance (NCSA) and StopBadware.org have announced an initiative to unite their efforts in order to more efficiently respond to cyberthreats. The new project will be called the "Chain of Trust Initiative" and plans to get security researchers and vendors, government agencies, Internet companies, network providers, advocacy and education groups to work together.
The first item on its agenda will apparently be to establish a map of current organizations with a role in cybersecurity and how they are linked to each other. "Strong security in any one organization or sector is not enough to combat an agile, fast evolving threat like malware, which exploits security breakdowns between entities. We all need to work together to build a system that withstand and repel the next generation of exploits," Ari Schwartz, ASC coordinator and vice president of the Center for Democracy & Technology (CDT), explains.
The Initiative plans to draft and implement common guidelines for behaving online in a secure manner. "The Chain of Trust Initiative will focus furthering the development of tools that provide better protections. However, we must also continue to ensure that all of us implement universal behaviors online that protect us against a multitude of threats," Michael Kaiser, executive director of the NCSA, comments.
Maxim Weinstein, the manager of the StopBadware.org project, also feels that cooperation is crucial for withstanding the complex attacks of today's threat landscape. "Just by nature of how the Internet works, malware distributors have a technological advantage, but we can respond by strengthening our shared networks and by better understanding our shared responsibilities," he notes.
An initial paper containing recommendations for addressing the weak links in the chain is planned for six months from now. However, fighting cybercriminals might prove much harder to do than forcing adware and spyware vendors, such as Zango or Gator, out of business, an accomplishment that the ASC is already very proud of.
Coincidentally, just days before this project was announced, Gunter Ollmann, former chief security strategist at IBM Internet Security Systems and current VP of research at Damballa, has posted a very interesting reflection regarding the topic of organized cybercrime response on his blog, outlining the intricacies of such efforts. He warns of the danger of judging illegal behaviors/activities based upon your own country's legal system and asks the pertinent question of "When does a movement of concerned entities become a vigilante mob?"