Fortinet : Collaboration is Crucial to Combating Cybercrime

FortiGuard Labs Perspectives

As one of the founding members of the World Economic Forum's Partnership Against Cybercrime (PAC), Fortinet has spent the last few years collaborating with this dynamic group of organizations to combat cybercrime worldwide.

In responding to the unprecedented and exponential growth in cybercriminal activity during the global pandemic, PAC has focused on linking the digital expertise and data of the private sector with the public sector's threat intelligence to help obstruct cybercrime ecosystems. PAC has always believed that a global approach and a unified effort to eliminate communication barriers will make it easier to get beyond the obstacles that shield cybercriminals.

This blog will highlight the purpose of the Partnership, its successful collaboration exercises, and its future initiatives.

The Benefits of Collaboration

By breaking down the barriers between private companies and public agencies, PAC is able to make significant progress in achieving the very ambitious goal of mapping all the major global cybercrime syndicates.

PAC believes providing this visibility is a critical first step in its efforts to help disrupt cybercriminal ecosystems and infrastructures. Enhanced visibility will assist legal authorities in achieving more successful cybercrime investigations, takedowns, prosecutions, and convictions. It will also provide an unprecedented opportunity to strategically identify and target vulnerabilities in the criminal ecosystem. Recently FortiGuard Labs' Derek Manky discussed some examples of recent good news in fighting cybercrime as evidenced by the DOJ, but more needs to be done.

Considering the scale and sophistication of the threat landscape, it may seem like an impossible dream to make a real difference in the battle against cybercrime. However, the consortium of industry leaders that make up PAC vehemently disagree. In addition to Fortinet, the founding members of the Partnership Against Cybercrime include Microsoft, Bank of America, Coinbase, Accenture, the Cybercrime Support Network, and the Cyber Threat Alliance.

This partnership has brought together the cyberthreat experts within these organizations. These individual partners are volunteering to design and build a "working map" for understanding the cybercriminal ecosystem's components, interfaces, and connections. With the information collected, PAC, legal authorities, and other stakeholders can leverage this data to inhibit the nefarious efforts of cybercriminal gangs and reduce the impact of their misdeeds. This is very timely given the continued evolution of the threat landscape according to FortiGuard Labs' recent Global Threat Landscape report.

Achieving Clarity

The principals of this project can be found in the World Economic Forum's Partnership Against Cybercrime November 2020 Insight Report that promoted the idea for collaboration to waylay cybercrime ecosystems. After over a year of engagement and investigation, PAC partners have been encouraged by the clarity provided through their framework of cybersecurity expertise and some basic taxonomies.

For past year, PAC members have been conducting threat research and gaining an understanding of the cybercriminal ecosystem and some of the major the threat actors. The plans to share the results worldwide with public sector law enforcement agencies and criminal justice systems are currently being finalized.

Following more than a year of increasingly malignant cyberattacks and our under-the-radar tracking of cybercriminal organizations, the Partnership is preparing to share its detailed, specific threat mapping and cybercrime examples. We hope our insights will help identify new opportunities for cooperation between digital security experts and law enforcement-as well as assist in disarming the worst cybercriminal gangs that have been escalating their attacks, creating havoc, and getting rich.

The Cybercrime ATLAS Project

The Partnership Against Cybercrime began an initiative in September 2021 called the Cybercrime ATLAS. The goals of this project are to:

• Enable senior management to make strategic resource and targeting decisions on cyberthreats
• Increase the efficiency of cybercrime investigations by supporting legal authorities with high quality, actionable intelligence
• Support disruptive efforts against criminal networks
• Help public and private cybercrime investigators identify common targets of concern
• Accelerate collaborative efforts
  

The ultimate vision for Cybercrime ATLAS is to create a respected international community built on the expertise of public sector and private sector partnerships to understand the cybercriminal ecosystem, how to disrupt it, and how to mitigate the negative impact of attacks.

PAC members want the Cybercrime ATLAS project to become a hub for linking cybersecurity experts and for sharing knowledge on analysis techniques, new tools, new adversary behavior, and strategic insights. Another outcome they would like to see is for ATLAS to become an "intelligence pool" for understanding cybercriminal group operations; TTPs (tactics, techniques, process) over time; threat actor infrastructures; syndicate financial support systems; and the criminals' identities.

A Joint Responsibility

Disrupting cybercriminals and dismantling the attack infrastructure is a joint responsibility that requires strong, trusted relationships with other organizations. Cybercriminals operate like a business and if we keep forcing them to start over, rebuild, and shift tactics, the better off the digital world will be. Our goal is not only to prevent attacks, but we also want to dismantle and force cybercriminals to change models, approaches, and techniques, which demands their time, effort, and resources.

For Fortinet, the sharing of actionable threat intelligence between organizations and helping shape the future of mitigation against cyberthreats is vitally important. The World Economic Forum's Partnership Against Cybercrime is a powerful example of what can be accomplished when organizations work together to fight against global cyberthreats.