CTA: The Value of Collaboration…

Home » Blog » CTA: The Value of Collaboration…
By Cyber Threat Alliance
August 11, 2020

Written by the SCILabs Team

The story…

It appeared that it would be a quiet Friday for our Incident Response Team; it was almost the end of the day, time to rest, suddenly the phone rang… “We need your help; a key customer is having an incident.”

From then on and during the following hours, we were dedicated to researching and obtaining any relevant data; the frustration arrived. We could not find information in our internal sources or OSINT. Still, among the obfuscated artifacts, there was a suspicious IP address, that fortunately had a single hit in the CTA’s Magellan platform. It was the help that we needed because from there, we knew that we were not alone; elsewhere, thousands of miles away, someone also saw something suspicious about it.

Through the CTA, we established contact with the great researcher that uploaded it, who provided us with new details about that IP address, which was enough to improve the hunting that led to identifying more infected computers in the client’s network. This invaluable action allowed us to continue making progress during the handling of the incident and eradicate the threat faster.

The value…

In situations such as this, we discover the power of information exchange and the importance of collaborating globally with leading cybersecurity companies. It is also a fact that the information obtained through the Magellan platform is invaluable. We realize that our efforts in researching not only serve to make our customers more secure but help other members of the CTA in combating cybercrime in the same way that their research helps us daily.

The secret…

Threat intelligence, backed up by robust technology, is the key to increase cyber-attack response capabilities and enhances the operational capabilities of all CTA members. It allows us to know the most active threats, the most prevalent types of attacks, and the most unusual modus operandi worldwide. Real collaboration and amazing people are what you will find inside the CTA.

The ending…

We can say with certainty that for Scitum, collaboration is synonymous with growth, it is to evolve together. In SCILabs (Scitum Cyber Intelligence Laboratories), we acknowledge that working together is the door that leads to success.

Author: Cyber Threat Alliance

Related

Encourage, Educate & Engage: Thinking OUTside the Box to Draw Women IN

By Kathi Whitbey

By Kathi Whitbey, Business Operations Manager, Unit 42, Palo Alto Networks As we approach International Women’s Day on March 8, 2023, there is always talk about the lack of women in cybersecurity. How do we “fix” this [...]

Nonprofit Cyber Celebrates Its First Anniversary with Six New Members

By Nonprofit Cyber

BBB Institute for Marketplace Trust, Black Girls Hack, Building Cyber Security, Internet Safety Lab, the Global Anti Scam Alliance, and the Maritime Safety and Security Alliance have joined the coalition, adding to its diversity, equity and [...]

Collaboration is Key to Better Threat Intelligence

By Victor Acin, Blueliv

By Victor Acin (Blueliv Labs Manager) Where do you get your cybersecurity news from? If you are a cybersecurity vendor, your news feed is a great way to find outdated threat information, after an attack has already happened. But, if your mission is to defend the digital ecosystem, critical infrastructure, as well as [...]