Making digital cyberspace safer doesn’t have to be “left to the big cybersecurity corporations,” according to an update from Uppsala Security.
Individuals and small businesses are able to play a key role in making the Internet and the Web 3.0 “a more secure place to do business and exchange information.”
We are now approaching an “ideal world” where all information about the newest cybersecurity threats “can be reported and shared with everyone in real-time,” the team at Uppsala Security noted in a blog post. In fact, the quicker crowdsourced threat information is shared amongst us, “the safer the Internet would also assuredly become for transactions and business operations,” the firm claims.
Due to ongoing stigma, many firms “remain reticent to share information about the security breaches they’ve suffered, even when directed to do so by law.”
According to a survey by Ipsos MORI, “only 43% of businesses reported their most disruptive breach outside their organization.” Another update indicates that the lack of reporting comes “out of fear” of losing customer confidence or “being in violation of regulations.”
Even the US Department of Homeland Security has a web page where security incidents “can be reported, but it is not clear how many organizations, or even whether individuals self-report when their own defenses get compromised.”
According to the update, the best way to manage cybersecurity incidents, and to defend against them, is “to make threat identification and information dissemination as seamless and transparent as possible.”
Organizations need to have a cybersecurity incident response management system in place that “enables them to keep track, report, and disseminate information about incidents, intrusion attempts, and breaches.”
As regulators, firms, and consumers start to understand that security incidents or hacking attempts are inevitable, “the focus will shift to sharing the latest threat information to help others shore up their own defenses against threats-including the newest attack vectors.”
Oftentimes, a security breach does “not just happen out of the blue.” Before a security breach actually happens, there are “often some bouts of suspicious network activity in the hours or days leading up to the breach.”
The team at Uppsala Security also noted:
“This is often the case with cryptocurrency exchanges. Suspicious activity by the hackers usually precedes a major exchange hack, but exchanges often miss it. This is partly because they don’t have a security incident response plan — or more importantly — a tool that automatically detects suspicious activity and alerts their staff of what is happening before the damage is done.”
They added:
“There are tools available today that allow anyone to 1) get real-time alerts of suspicious activity, and 2) immediately report incidents or suspicious activity to a threat intelligence repository that is fully accessible to anyone in the world. Individuals can now submit case reports of incidents and/or suspicious activity using the UPPward browser extension (available for free, supported by Chrome, Firefox, Brave and Edge browsers).”
Hackers are constantly inventing new attack vectors, “each more sophisticated than the last.”
Although preventing zero-day attacks might not be possible, “we can use a variety of tools that take advantage of crowdsourced intelligence to minimize our exposure to new attack vectors.”
The backbone of crowdsourced intelligence tools is “the Threat Reputation Database (TRDB) created by Uppsala Security.”
As noted in the update, this blockchain-based data hub pools all the crowdsourced information “about the latest threats and attack vectors from around the world.”
Once the security experts verify the validity of each case submission, each new threat is “documented in the TRDB.”
The team at Uppsala Security also shared:
“Besides the security tools that are addressed to businesses and organizations, Uppsala Security’s suite of products and services also offers full support to individual users that have fallen victims of online malicious activity which led to the loss of digital assets / cryptocurrencies.”
With the Crypto Incident Response Center (exclusively focused on South Korea) and the Digital Asset Tracking Services (international), victims of online theft involving cryptocurrencies and digital assets are “able to request the start of a fully-fledged investigation.”
After the investigation is ended and the tracking report is generated by Uppsala Security, this can be “submitted to the law enforcement agencies as legal evidence for further procedures.”