As Team Cymru’s strategic partner in Latin America and the Caribbean, LACNIC is constantly looking for ways to cooperate in helping prevent the proliferation of cybercrime and coordinating actions with global organizations to help the regional community make the Internet a safer place.
Jacomo
Piccolini of Team Cymru highlighted the partnership with LACNIC and noted that
this organization has been fighting and pursuing cybercriminals for fifteen
years.
According to
Team Cymru, there are approximately 500,000 malicious events per second on the
Internet involving security issues.
Who is Team Cymru and what are its
objectives/goals?
Since 2005, Team Cymru’s mission has been to save and improve lives by working with public and private sector entities to discover, track, and take down threat actors and criminals around the globe. We do this by delivering comprehensive visibility into global Internet traffic and cyber threat activity. Team Cymru collects, processes and aggregates global netflow and 50+ other types of data to give our clients Pure Signal™. This provides the broadest visibility into malicious activity across the Internet. We see more than 500,000 events per second and deliver that information to our users in an actionable way. The most advanced cybersecurity teams and investigators around the world rely on our solutions to uncover the who, what, when, where and why of malicious behavior. They also leverage this global visibility to identify and block malicious campaigns before they even reach an enterprise’s doorstep. Our data is incomparable – Pure Signal™ – and our partners and clients use it to make the world a safer place.
Who is part of this group of experts
that analyze the main Internet security challenges?
Team Cymru is a multicultural company
with employees around the globe who share the same passion — to make the
Internet a safer environment for everyone, including our families, companies
and countries. Every employee at Team Cymru shares in our mission, from a
developer who works on our sandbox code to make the analysis of malware
possible to our intelligence analyst who investigates cyber threats and cybercrimes.
(Free access, no subscription required)
What is the complexity of the current
crimes on the internet? How much have cybercriminals advanced?
This is a great question with hours of
conversation needed for a proper understanding of the complexity being faced by
enterprises as each enterprise is unique and the cyber threats they face are
constantly evolving. Cybercriminals evolve, and evolve fast, as the security
market responds to their threats. This requires a constant pursuit of
knowledge, training and information sharing. A specific tool or protection that
worked last year may not be as effective this year. This is why Team Cymru
works to deliver visibility into internet activity beyond an organization’s
perimeter. The traditional methods of collecting threat intelligence and
investigating threats limit an organization to seeing only what is happening
within the enterprise. Threat hunting and incident investigations stop at the
firewall unless you have the visibility we provide. Also, everybody talks about
risk-based security and the idea that cybersecurity should be approached from
the perspective of risk management. Well, if you can’t see what’s happening
beyond your own backyard, you do not have the situational awareness necessary
to achieve effective risk-based security. We aggregate 50+ different types of
data, but we really love our global netflow, because that expansive awareness
lets you see what’s coming your way before the threat actor even steps into
your backyard.
Cybercrime goes faster than security
agencies in Internet?
What is the complexity of the current
crimes on the internet? How much have cybercriminals advanced?
This is a great question with hours of
conversation needed for a proper understanding of the complexity being faced by
enterprises as each enterprise is unique and the cyber threats they face are
constantly evolving. Cybercriminals evolve, and evolve fast, as the security
market responds to their threats. This requires a constant pursuit of
knowledge, training and information sharing. A specific tool or protection that
worked last year may not be as effective this year. This is why Team Cymru
works to deliver visibility into internet activity beyond an organization’s
perimeter. The traditional methods of collecting threat intelligence and
investigating threats limit an organization to seeing only what is happening
within the enterprise. Threat hunting and incident investigations stop at the
firewall unless you have the visibility we provide. Also, everybody talks about
risk-based security and the idea that cybersecurity should be approached from
the perspective of risk management. Well, if you can’t see what’s happening
beyond your own backyard, you do not have the situational awareness necessary
to achieve effective risk-based security. We aggregate 50+ different types of
data, but we really love our global netflow, because that expansive awareness
lets you see what’s coming your way before the threat actor even steps into
your backyard.
Cybercrime goes faster than security
agencies in Internet?
Cybercriminals have no regulatory
burdens. They will always do whatever it takes to get money, data, to carry out
espionage campaigns or even disruption campaigns. We have many criminal players
online any given time, sometimes even competing between themselves for
supremacy. Cybercriminals understand the
weakness and restrictions that different countries and their law enforcement
agencies have. They know that if they place malicious content outside
jurisdictions, it will slow down law abiding nations’ ability to investigate.
When you consider that limitation, plus the fact that security teams are being
hit on all sides with potentially thousands of event alerts a day, and the
tools they have at their disposal are inherently limited, you can see how
important it is for organizations to get ahead of malicious activity, rather
than wait for alerts to pop up. You can see how valuable it is for both our
partners and our clients to be able to monitor malicious activity across the
globe.
What are the main difficulties agents
encounter in pursuing cybercrime?
A common difficulty is related to legal
restrictions between countries and law enforcement agencies. This is where a
neutral entity like Team Cymru can really assist the community.
What are the cybercrimes that have
grown the most in the world?
Without exception all cybercrime
numbers have grown, each one for different reasons. We are obviously most
concerned about data exfiltration of any kind, financial cybercrime, and of
course attacks on critical infrastructure. Compromises of corporate and
government networks, as well as ISP networks for the purpose of theft or
sabotage directly impact the safety and privacy of global citizens.
Unfortunately, these attacks often begin by taking advantage of human ignorance
or lapses in judgment. Phishing campaigns and DNS hijacking continue to be very
popular, for example, because the success rates are so high.
Which International laws are
appropriate for the persecution of Internet crimes?
There are already some strong
International laws, for example Money Laundering, Crimes Against Children,
Human Trafficking, Illicit Drug Trafficking and Terrorism. The Budapest
Convention on Cybercrime is an excellent example of International collaboration
that still needs broader support. Cooperation is the key to success, and I
don’t think we have much resistance in the global community when it comes to
cooperation. The challenge from Team Cymru’s perspective is visibility, and the
ability to incorporate global visibility into our efforts to make the Internet
a safer place.
