International cooperation is key to countering threat actors and cybercrime

In this age of cybersecurity, where digital attacks and cybercrime from nation states are rapidly crossing national borders and creating global crises, international cooperation has become an urgent priority. The need for global collaboration to address various pressing threats, from electronic espionage to ransomware attacks on critical infrastructure, is imperative to prevent economic and social disasters, say top cybersecurity professionals and government officials .

At this year’s Billington Cybersecurity Summit, leaders from around the world came together to discuss the importance of international partnerships in managing the persistent threats governments face. The near total digitization of all aspects of society, which exposes virtually all services in the public and private sectors to escalating cyber threats, dictates a more robust collective defense. Moreover, as cyber risks intensify and multiply, governments around the world are stepping up their own independent efforts to protect against the rising tide of digital threats.

The intelligence community, the spearhead of international cooperation

Many international cybersecurity partnerships have their roots in the intelligence community. “We have wonderful and deep partnerships with many brotherly nations around the world, and those partnerships continue to deepen in new and different ways,” George Barnes, deputy director of the National Security Agency, told conference attendees. (NSA) of the United States. “A lot of our partnerships started in intelligence and others in cybersecurity. Now we’re at this point where those two are inextricably linked. When you can bring them together for a nation, it’s a powerful combination.

Barnes talked about more than the famous “Five Eyes” intelligence alliance between the English-speaking nations of the US, UK, Canada, Australia and New Zealand. “Those of us in the Five Eyes Partnership, we partner with others,” he said. “We have long-term partnerships, of course, in Europe, but we spend a lot of time focusing on the Far East because we need them, they need us. And that creates an opportunity for us to help them improve their game, refine their trade, and increase our ability as a nation to take advantage of the knowledge they have and we don’t.

Barnes said these international alliances make U.S. partnerships a more vital avenue for dealing with cyber threats, because U.S. adversaries have nothing to compare. China and Russia, for example, focus on transactional relationships with other countries based on counterparties, while the United States partners with other countries without forcing anything. “It’s very different from the equation that China, Russia, and some of the other countries we’re dealing with have in their systems,” Barnes said.

Lt. Gen. Timothy Haugh, deputy commander of US Cyber ​​Command, said each of Cybercom’s components has a partnership engagement branch, “allowing us to expand our reach to nations that want to be teammates, or can -maybe they’re just trying to get their feet on the ground.There’s no reason why we shouldn’t train them quickly and then do specific actions that would make them less vulnerable to a determined adversary, but also that we would then develop a capability to allow them to do whatever their nation needs them to be able to do.

Other government agencies are stepping up their efforts

Cybersecurity efforts are also underway outside the intelligence community, fueled most recently by Russia’s invasion of Ukraine. “We tried to stay on top of everything we learned from Ukrainian theatre, everything we saw Russians doing there, contextualize it and promote some Canadian messages,” said Samy Khoury, director of the Canadian Centre. for Cybersecurity (CCCS), said. “When they did DDoS, we pushed the DDoS messages on the Canadian side. When they created the erasure malware, we promoted national messages to people saying, ‘Here are the signatures, here are the IOCs.’ Pay attention to that. So it’s been a constant learning and communicating of what we see.

One cybersecurity lesson that Lindy Cameron, CEO of the National Cyber ​​Security Center in the UK, learned from the war in Ukraine is the importance of resilience. “The Ukrainians have shown what you can do if you are well prepared. The message we’re reinforcing is, “Look at what’s possible, even against a fairly sophisticated opponent,” she said.

US Department of Homeland Security (DHS) Undersecretary for Policy Rob Silvers said one of the things the US plans to do is work with international partners to seek a common mechanism for incident reporting. “One of the things we’re going to do is engage with international partners who have similar reporting mandates to see if we can find common ground there as well, because we have multinational companies that are affected “Silvers said.

“They may very likely have to report to multiple national authorities. There’s no reason why we can’t find opportunities to lighten the load and have simplified ways to do it. Silvers also wants the United States to continue breaking down barriers to international cooperation. Cybersecurity is “so cross-sector, just dissolve all the barriers you can dissolve with capable and trusted people, whether it’s companies or countries,” he said.

Countries learn cyber lessons from other countries

Gabby Portnoy, Director General of Israel’s National Cybercrime Directorate, said: “Cybercrime, especially ransomware, is a global problem. We have to deliver, of course, internally at the state level, but also internationally. And what’s interesting is that the better we get, the worse it gets,” because it’s getting more sophisticated every day.

“We’re learning from the best, from the US, Australia, UK, Canada, Germany and other countries,” Portnoy said. “And if we find good things, we even copy them, without trying to invent the wheel. We are trying to bring together all the relevant agencies to discuss together. We call it the blue orchestra because we have the red talking with the enemies, but now we need the blue.

Arne Schönbohm, president of Germany’s Federal Office for Information Security (BSI), said he also borrows experience from other countries to shape how Germany responds to cyber threats. “If we can learn from someone else who’s had a successful initiative, we like to copy and paste,” he said. “We don’t always have to invent the wheel two, three or four times. We can learn from each other.

Copyright © 2022 IDG Communications, Inc.