Major Cyber Security Threats
The Forum of Incident Response and Security Teams (FIRST) analyzed the most significant cyber threats worldwide, including digital platforms which offer services for conducting cyber attacks and new extremely destructive forms of malware.
FIRST held its thirtieth annual conference in Kuala Lumpur and was attended by more than 800 experts from around the world, including Graciela Martinez, Head of LACNIC WARP. Martinez was also part of the meeting’s program committee, which received and evaluated more than 200 proposals for presentations and workshops.
The head of LACNIC WARP pointed out that the FIRST conference is an ideal place to network and share information on this important topic. The meeting also allows gaining first-hand knowledge of the trends in cybersecurity attacks and the growing number of identity theft incidents.
FIRST brings together a variety of computer security incident response teams from academia, civil society, the government sector, and private companies. The organization is designed to facilitate global communication among response teams in order to achieve a prompt and effective resolution when managing security incidents.
The main concerns raised by the experts focused on denial-of-service attacks, the increased frequency of various forms of malware with special emphasis on (increasingly destructive) ransomware, and platforms created for launching security attacks and offered as services in exchange for money. In the so-called dark web, there is a market that offers different “kits” to anyone to seeking to carry out a cyber attack. Among others, a potential attacker can purchase phishing kits at prices that vary depending on the sophistication of each platform.
The FIRST meeting emphasized the importance of having response teams and creating synergy with law enforcement agencies. “The aim is the early detection of threats and sharing information to help other organizations,” observed the LACNIC expert.
Experts also warned that many organizations are not planning their security issues properly, and that one of the greatest challenges faced by cyber security professionals is describing the risks associated with the protection of information, human resources, and systems at executive level.
Martinez also participated in training on the Malware Information Sharing Platform (MISP), a tool developed for gathering, sharing, storing, and correlating Indicators of Compromise so that different organizations can detect and share intelligence on malware and other threats at an early stage.
“This platform is also useful for sharing intelligence, currently a major topic for many response teams. This information can be stored and analyzed to draw conclusions regarding potential threats and prevent increasingly sophisticated attacks,” noted Martínez.
By sharing information with the MISP threat sharing platform, participants are building a collaborative community for existing threats, whose aim is to help improve countermeasures used against targeted attacks and establish preventative actions and forms of detection.