Two cats are better than one when fighting cybercrime

Following years of attacks on government institutions, cybercriminals are widening their focus to the private sector. After all, why go after a nation’s well-guarded secrets when you can cause just as much disruption – with far less effort – by bringing down a large bank, energy supplier or healthcare provider?

About the author

Daniel O’Neill is Director at Bitdefender.

So, with the public and private sectors facing similar threats, it’s only logical that they work more closely together to defend the nation’s strategic intent and business interests.

It’s little surprise to hear calls for increased collaboration grow louder each day. Most notably, the head of MI6, Richard Moore, made clear his intention to increase partnerships with tech firms in a rare public speech recently.

But what does a Public-Private Partnership (PPP) in cybersecurity actually look like, and what can each party learn from the other?

Collaborate or be defeated

The sheer pace and scale of transformative tech advances coming out of the business world means that all government and public sector bodies – not just the intelligence services – must explore ways of working with, and learning from, the private sector.

Knowledge sharing is a two-way street though, particularly in the cybersecurity space. As cyberwarfare and attacks against infrastructure continue to increase in volume and sophistication, government organizations have needed to develop security expertise and powerful countermeasures. And conversely, as threat actors actively seek softer targets in the private sector, businesses and organizations are having to adapt their approach by being more proactive, and actively “hunting” for anomalies that could indicate the presence of an adversary in the environment.

There is a lot that businesses of any size can learn from public sector cyber defense experience, and vice versa, to minimize the impact of a cyber-attack as methods for detecting and responding to the latest threats evolve with the latest technologies.

Shared enemy, shared resources, shared wins

Just as cybercriminals are sharing lessons, tactics, techniques and capabilities amongst themselves, and developing skills to move from one target to another, cybersecurity professionals across public and private sectors need to collaborate and learn from each other to combat today’s ever-growing threats.

Sharing information openly, and building upon initiatives led by the likes of the UK National Cyber Security Centre, helps to combat the stigma associated with getting hacked. Accepting that it can happen to any organization, private or public, and promoting better intelligence-sharing will help protect companies against future attacks.

This level of transparency can disrupt criminal activity and, in some cases, lead to arrests. At the end of 2021, the Department of Justice announced the arrest of two members of the ransomware gang REvil and the recuperation of $6.1m. Core members of the gang were apprehended in January in Russia. This milestone, globally coordinated operation could not have been a success without the assistance of private companies – including Bitdefender, which aided law enforcement investigations.

It illustrates what can be achieved when public and private sector teams pool their resources to fight cybercrime. This around-the-clock global operation hunted down those responsible for the most devastating ransomware attacks in recent history. Law enforcement and private cybersecurity companies took unprecedented joint action against a shared enemy, in pursuit of the common goal of justice.

The success of this operation was a wake-up call for cybercriminals, demonstrating that they aren’t invincible, and their online actions do have real world repercussions. Recent chatter on the dark web indicates ransomware developers and their affiliates are re-evaluating law enforcement risks that would come with new attacks.

Preparing for the next tech wave

As outlined by Richard Moore, a key area where the public sector needs to work with the private sector is the next wave of emerging disruptive technologies, including quantum computing and artificial intelligence (AI).

Quantum poses a unique danger if the ‘good guys’ don’t stay ahead of the ‘bad guys’. This new computing power could allow attackers to break complex encryption with ease, and at lightning speed. Researchers believe a singularity event for using quantum computers to break encryption could happen within the next decade, so it is critical that our defense capabilities don’t fall behind.

With AI, adversaries will seek to use the technology to confuse our AI models and evade or circumvent cyber defenses. AI also provides bad actors with the “opportunity” to deliver larger-scale, more complex attacks using a variety of techniques that increase the probability of achieving unauthorized access. These include self-learning botnets and evasive malware that alters itself to appear trustworthy.

However, government and business can greatly benefit by collaborating on AI and quantum R&D breakthroughs to counter the increased complexity of attacks and incorporate new technologies such as extended detection and response (XDR) into operations. As always, it becomes the proverbial game of cat and mouse, with both sides seeking to maintain the momentum and stay one step ahead of the other.

2022 offers an opportunity for public and private partnerships to gain a deeper understanding of cybersecurity threats, tackle issues and create opportunities together. After all, two cats working together is always better than one.

Daniel O’Neill is Director at Bitdefender. With over 28 years of experience in the British military focused exclusively on intelligence, United Kingdom Ministry of Defence specializing in electronic warfare and working alongside United Kingdom intelligence agencies and with international partners, Daniel is a renowned expert in nation-state adversaries and defensive countermeasures.