MaltaToday previous editions

MALTATODAY 4 April 2021

Issue link:

Contents of this Issue


Page 45 of 47

maltatoday | SUNDAY • 4 APRIL 2021 14 COMMERCIAL CYBER security attacks are on the increase and are becoming more sophisticated against Gov- ernments, companies, and in- dividuals. The latest large-scale attack that has affected a wide range of organisations from Governments to multination- al companies, was conducted deeply within the heart of these organisations by compromising the supply chain of these organ- isations and getting access to sensitive and exclusive informa- tion. This type of attack clearly shows that while implementing defensive security measures and keeping your systems updated is very important, it is not just enough. In conjunction with these measures, it is very impor- tant that cyber threat informa- tion and intelligence is shared amongst organisations so that they complement the security measures being implemented having a full holistic infrastruc- ture defence program. Information gathering is one of the oldest professions that have ever existed. The Meso- potamians and Egyptian Pharos resorted to information and in- telligence gathering to be able to protect better their nation and their people. The Romans had information scouts who would gather information on formations and locations of en- emy armies. In the late 1800's Britain also realised the impor- tance of gathering information and turn it into intelligence to be able to protect the King- dom against threats from other countries. During the years, intelligence gathering has been classi- fied into different categories, mainly related to particular activities. HUMINT (Humans Intelligence) intelligence is de- scribed as intelligence or infor- mation gathered from humans delivered by contact between persons. Basically, HUMINT was the intelligence our old ancestors had at the time since the information was relayed by humans. With the introduc- tion of technology other types of intelligence evolved such a SIGINT (Signals Intelligence) which is intelligence gathered from signal interception, IM- INT (Imagery Intelligence), intelligence gathered from im- agery and OSINT (Open Source Intelligence) intelligence gath- ered from publicly available information appearing in print or electronic form, including radio, television, newspapers, journals, the Internet, Social Media, commercial data repos- itories, and videos. Intelligence played a crucial role in all wars. For example, during the World War II, the success of intelligence high- ly contributed to subdue and eventually defeat the AXIS forces and the Third Reich. In today's world the enemy is manifesting itself over the In- ternet. The victims of such at- tackers have no boundaries and include Governments, compa- nies and even individuals, with various objectives ranging from espionage and harm to nations to financial gain. To have an effective defence system one should also engage onto intel- ligence gathering and act upon it. Intelligence is also relevant in the cyber world, where on a daily basis organisations de- ploy systems and processes to combat cyber security attacks such as firewalls to protect the networks, anti-virus systems, end-point protection systems and email protection systems to mention a few, it is a wise step in the right direction to couple these security measures with cyber threat information sharing and gathering. Receiving alert information on systems and software vul- nerabilities beforehand will enable organisations to update their systems before an attack that exploits that vulnerability is released. Often attackers take advantage of such weaknesses to launch their attacks. An- other information sharing ad- vantage is when organisations detect possible phishing cam- paigns and malicious website links. Sharing such information with your peers will provide the possibility to prepare and protect against such campaigns before they hit an entity's in- frastructure. This information is usually termed as Indicators of Compromise (IOCs), pieces of data that identify the charac- teristics of an attack that can be used to detect and mitigate an attack. Other sophisticated cy- ber threat intelligence gather- ing methods include scanning for malicious activity over net- works and the Internet, using specialised tools such as hon- eypots, network traffic pattern and behaviour analysis and dark/deep web monitoring. MITA has understood that cyber threat intelligence gath- ering, and sharing is an im- portant activity for protect- ing the Maltese Government infrastructure. MITA is also committed to play an active role in national cyber threat information sharing to ensure that potential cyber threats are communicated to other stake- holders to assist them in pro- tecting their infrastructures and the Maltese cyber space. Cyber threat intelligence is a proactive measure that assures systems are protected before these are attacked supporting the saying "prevention is better than cure" and that forewarned is forearmed. Organisations who wish to join our community and would like to receive intelligence from MITA, are encouraged to make contact with the MITA Cyber Threat Intelligence Team on, providing organisation's details and an overview of the operating busi- ness sector and it will be our pleasure to have a chat and col- laborate together and secure our digital future. Cyber security attacks on the rise, defensive security may not be enough Martin Camilleri

Articles in this issue

Links on this page

Archives of this issue

view archives of MaltaToday previous editions - MALTATODAY 4 April 2021