The World Economic Forum wants to draw a global map of cybercrime

News
By Sead Fadilpašić
published

Probing the cyber underworld will help spot threats, says WEF

Ein Mann sitzt vor einem Laptop, welcher Sicherheitsrisiken anzeigt
(Image credit: stock.adobe.com © Artem #257128047)

The World Economic Forum (WEF), together with a few tech heavy-hitters, wants to map out the entire cybercrime ecosystem.

The goal of the project, revealed at the recent RSA security conference, is to better understand who is who in the cybercrime world, who is friends with whom, who outsources which parts of the cyberattacking effort to whom, who builds, and who uses what tools and software.

With this information, it was said, attribution will become easier which, in turn, will make issuing warrants, arrests, and asset seizures, a lot easier. By mapping out the entire cybercrime world, the companies believe they’ll make cyberspace a safer environment for everyone.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022end of this survey

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

Open-source data

The project is called The Atlas Initiative, and besides WEF, other contributors include Fortinet, CTA, and Microsoft

"This isn't a threat feed," said Derek Manky, chief security strategist at FortiGuard Labs, during an RSA Conference panel about the project. "We're looking at the non-traditional artifacts. Think: crypto addresses and bank accounts, phone numbers, emails, things that ultimately help to build the challenge of attribution, which we always say is the holy grail."

As they build out Project Atlas, all the data used will be open-source. The companies will not only look at technical indicators of compromise, antivirus or firewall data, but also on things like social media accounts, indictments and other court documents, blogs, and pretty much any other non-proprietary info out there.

Read more

> Conti ransomware group officially shuts down - but probably not for long

> Microsoft detects new Evil Corp malware attacks

> DarkSide hacking group apparently shuts down following pipeline attack

"One of the problems we frequently bump up against when we're talking about sharing information is: Is it proprietary from the private sector? Is it a work product such that they don't necessarily want to share? Is it classified information from governments? But that doesn't mean there isn't information that's available," said Amy Hogan-Burney, associate counsel and GM of Microsoft's Digital Crimes Unit.

For starters, the group will focus on 13 threat actors. While no names have been dropped, the media are speculating that TrickBot, Conti, Evil Corp, DarkSide, and the Lazarus Group, which have been infecting millions of endpoints for years now, will make the cut. 

Via: The Register

Sead Fadilpašić
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.