Together, We’re Creating Better Threat Intelligence Sharing for the World
by Jacomo Piccolini, Outreach Team Lead, Team Cymru
Monday, January 28th, 2020
Since 2005, Team Cymru’s mission has been to save and improve lives by working with public and private sector entities to discover, track, and take down threat actors and criminals worldwide. We do this by delivering comprehensive visibility into global cyber threat activity. For over 15 years, we’ve built data sharing partnerships on a global scale that allows us to collect, process and aggregate global network traffic and 50+ other types of data to give our clients Pure SignalTM. This allows elite analyst teams to perform threat hunting and cyber reconnaissance at a level not possible using traditional methods and tools.
However, while our Pure Signal intelligence is available commercially and also powers many cyber security vendors’ offerings, Team Cymru prioritizes its no cost community services. For example, we have recently released the new Nimbus Threat Monitor, which leverages our leading IP reputation data to deliver no-cost threat intelligence monitoring to network operators and network owners around the world. We also provide a no-cost DDoS solution, a CSIRT Assistance Program (CAP) and more.
During our time at the FIRST Conference, we reached a new milestone with our CSIRT Assistance program, adding new CSIRT members for a grand total of 133 participating teams. Established nearly a decade ago as a trusted conduit for notifying countries of observed malicious Internet activity, the Team Cymru CAP works with national and regional CSIRTs (Computer Security Incident Response Teams) by sharing its world-class threat intelligence at no cost. Today the CAP has scaled to provide up to 20 million events to global CSIRTs every day, monitoring these nations’ IP space.
As Steve Santorelli, our Director of Intelligence and Outreach, said, “We feel it’s an ethical responsibility to get as much of our insight back to those that need it and that’s why the Team Cymru CSIRT Assistance Program has been so hugely successful in terms of real, daily impact on human lives in over 85 countries. This milestone indicates that our community can coalesce around these threats in a way that puts the greater good in front of corporate greed."
I want to invite you to also subscribe to Dragon News Bytes. Recently, a cyber security research team was able to use this highly restricted threat intelligence news mailing list to secretly orchestrate the dissemination of information about the EmoCrash “vaccine” script to CSIRTs around the world for six months, preventing Emotet malware from affecting new victims. More than 6000 people subscribe to the Team Cymru Dragon News Bytes.
We have unique visibility into the majority of global IP space and are a critical source of threat intelligence for the public sector, major commercial cyber security companies, Fortune 500 security teams and the broader community of network defenders that work tirelessly to make the Internet a safer place. We want to thank you for your great work, and we are honored to be a part of it.