March 15, 2019
If Imitation Is the Sincerest Form of Flattery, Facebook Sure Did Flatter Us.
Posted February 13, 2015
Facebook Launches ThreatExchange for Security Pros to Exchange Info about Cyberthreats
Does the concept of exchanging information about cyberthreats to make everyone safer sound somehow vaguely familiar? You know, like you’ve heard it somewhere before?
Well, how about the name “ThreatExchange?” That remind you of another company name? Like ThreatMetrix® perhaps?
Okay, it’s possible to chalk up Facebook’s latest “idea” to coincidence. Something that looks like a duck, waddles like a duck and quacks like a duck could turn out to be an ugly swan with a sprained ankle and deviated septum. Then, of course, there’s another explanation. It could be Facebook is validating the extremely successful concept pioneered years ago by ThreatMetrix.
In a recent article that appeared in Infosecurity, ThreatMetrix Chief Products Officer Alisdair Faulkner issued this cautionary note: “Shared threat intelligence is essential for stopping the bad guys, you just need to be careful you don’t stop customers as well. Reputation around shared identifiers like IP addresses can be a double edged sword.”
In his piece on mashable.com Rex Santus discusses Facebook’s launch. The following has been excerpted from his piece and edited to fit our format. You may find the full article by clicking on this link.
What a concept!
Doing what it does best, Facebook has created a platform — or a mini-social network, if you will — but this time for cybersecurity specialists. The concept is that researchers and professionals can learn from each other, and help keep everyone’s systems safer.
Been there. Done that.
“Our goal is that organizations anywhere will be able to use ThreatExchange to share threat information more easily, learn from each other’s discoveries, and make their own systems safer,” Mark Hammell, Facebook’s manager of threat infrastructure, wrote in a blog post announcing the project.
Déjà vu “all over again”
Security threats aren’t typically relegated to just one target, and the lack of communication between malware targets ends badly for everyone, according to ThreatExchange. So far, some pretty big-name Internet players have joined Facebook on ThreatExchange, including Bitly, Dropbox, Pinterest, Tumblr, Twitter and Yahoo. The platform expects to attract more partners as time goes on.
The new platform builds on Facebook’s ThreatData, a framework that stores cyberthreat information (such as bad URLs) for analysis by security pros.
A year ago you say?
The idea for ThreatExchange came about a year ago, when Facebook and others were facing a malware spam attack. The social network’s security specialists “quickly learned that sharing with one another was key to beating” the problem, Hammell wrote.
Share and share alike. Not exactly
To quell any fears that potential partners may have about sharing too much information publicly, Facebook said participants can tweak settings to pick and choose with whom they share their information. For example, a company may only want to share sensitive data with another partner that is experiencing the same attack.
An original thought that’s been heard before
“That’s the beauty of working together on security,” Hammell wrote. “When one company gets stronger, so do the rest of us.”