There’s a lot of uncertainty in the world, but the one thing you can be sure of is that COVID-19 has and will continue to create a situation that hasn’t been seen in three generations, certainly not in living memory.
In a matter of weeks, response to the pandemic has reshaped our global economy and societies in ways that will touch everyone. How we work, shop, get educated, travel, exercise, care for each other, and socialize has changed radically, and with ferocious speed. And the pandemic has created new classes of both villains and heroes.
While many of the changes to interpersonal interactions have been rough, there are some silver linings to these difficult circumstances. One of the brightest spots is how the coronavirus has roused many in the security industry to action, for many of the same reasons why some people enlist in the military during wartime: out of a sense of duty and a desire to protect others. Only this time, the enemy is cybercrime itself.
The collective sense of duty, coupled with a visceral reaction to criminals exploiting the world’s fears of an invisible killer, led to the spontaneous formation of several working groups to combat these threats.
There is much that is remarkable about these initiatives, but one characteristic that stands out is how militia-like these groups are, from the way that they have self-organized in a matter of days, with distributed (decentralized) structures, to how they are positioning themselves to aid our “conventional” forces, including individual cybersecurity companies.
What began with a simple call by Sophos Chief Scientist Joshua Saxe for analysts to join forces has turned, in a matter of just a few weeks, into an operation numbering more than 3,000 volunteers, comprising people from a broad range of industries and organizations around the world, working with a single purpose and goal.
The all-volunteer effort of the CCTC has self-organized around the goal of creating a shared pool of real-time data and threat intelligence about attacks in which the attackers have in some way exploited the COVID-19 pandemic, and making that output freely available to anyone who has a use for it.
The outpouring of data from volunteers was matched with generous offers from tech firms to provide the organization with the tools and technology they need to accomplish the mission, at no cost. The charitableness of the volunteers with their time, and of businesses with their products and infrastructure has been heartening in these trying times.
The collaboration, spirit of teamwork, and feedback among CCTC volunteers has been impressive, as well. Participants organized into teams that rapidly devised systems to collect volumes of threat intelligence along with automation to vet the data, reducing the likelihood of spreading inaccuracies. Others are consumers of this data, using it to strengthen our collective infosec immune system and suggesting different ways to produce output they can use with less effort.
The spontaneous genesis of these groups represents a statement that, collectively, information security specialists will no longer tolerate business as usual from criminal groups that, even in the best of times, can ruin lives and harm or destroy businesses or organizations.
At a time when the fabric of our very society seems strained almost to the breaking point, a ransomware attack against a medical facility or other critical infrastructure could cost actual lives.
The tragedies and trauma of a global pandemic will shape a post-COVID world that may not look very different to what came before but will be very different under the hood. Those who protect us have a renewed sense of purpose and collective mission, unencumbered by pre-existing affiliations. We should embrace that.
There are some things that shouldn’t fully snap back to the way they were, and a group of cyber-minutemen who rise up to defend us all against enemies who act with depraved indifference to the needs of civilization might just be what the doctor ordered.