Because Things Don’t Happen “a World Away” Anymore, the National Cyber Security Alliance Works for Global Cooperation to Improve Internet Security

Posted on May 30th, 2014 by Dan Rampe

NCSA

Based in Washington D.C., the National Cyber Security Alliance (NCSA) works with business and the Department of Homeland Security to promote online security. On its board are representatives from Google, Microsoft, Comcast, Facebook, and others.

Recently NSCA took part in an international online safety awareness meeting in Paris hosted by Microsoft. Since NCSA had been primarily involved in domestic issues, Larry Magid, technology analyst for CBS News, whose articles appear on CNET News, huffingtonpost.com, forbes.com and in the San Jose Mercury News among others, was surprised to have been invited to an international conference. Following is his takeaway from the conference as well as other observations on global security. It has been edited to fit our format. You can find the complete article by clicking on this link.

[On] the day we convened our meeting…news broke that the Justice Department, with the help of law enforcement agencies from other countries, issued indictments in connection with the BlackShades Remote Access Tool (RAT) “that enabled users around the world to secretly and remotely control victims’ computers,” according to the Manhattan U.S. attorney’s office, which said the bust involved more than 90 arrests in 19 countries.

The BlackShades RAT is malicious software, or malware, that has been used by criminals in more than 100 countries to “infect computers throughout the world to spy on victims through their Web cameras, steal files and account information, and log victims’ key strokes,” according to the Justice Department. The alleged co-creator of BlackShades, Alex Yucel…was arrested in Moldova and is awaiting extradition to the United States. Brendan Johnson, who is charged with helping to market and sell malware, including the RAT, and provide technical assistance to its users, was arrested in Thousand Oaks, California.

BlackShades provides a good example of how you could be sitting in your home in Palo Alto and be victimized by a criminal on another continent or vice versa. Thanks to botnets, where malicious software spreads itself from computer to computer without the knowledge of the machine’s owners, it’s possible for a computer from Estonia to infect your home PC and for your home PC to then infect someone else’s PC in Germany.

… John Carr, a child safety adviser to the United Kingdom government, told me that a “substantial proportion of the illegal [child porn] images that make their way to the UK come from the United States.

Privacy is also a global issue, as we were reminded…when the European Court of Justice in Luxembourg ruled that search engines (the biggest two being U. S.-based Google and Microsoft’s Bing) can be required to delete search listings of posts, including stories in newspapers, that may be dated or irrelevant, even if they happen to be true. This ruling could not only affect U.S. companies that offer search, but also those of us in the United States and other countries who use these services, even though the delete order was issued by a court on another continent.

At the Paris meeting, the discussion turned to international cooperation, and it was generally agreed that it’s a good idea for organizations in countries around the world to coordinate at least some of their messaging because of the similarities of the issues that we all face. That doesn’t mean that a campaign that works in Istanbul will necessarily resonate in Indianapolis. But in our increasingly globally connected world, there are plenty of common themes and practices that we can share.

In an interview, NCSA Executive Director Michael Kaiser summed up the purpose of the meeting. “We are trying to reach everyone on the globe because we’re all connected to the same Internet and, unless we’re all safe and secure, we won’t have a safe and secure Internet.”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.