President Obama is convening a meeting Wednesday with corporate executives in the White House Situation Room to talk about cybersecurity. One topic that is sure to come up is the sharing of information between government and business on cyberthreats.
Such information-sharing has been a controversial issue for privacy advocates, and it’s one reason why Obama's executive order on cybersecurity, unveiled in January, steered clear of that issue. The Obama administration is also bound by the scope of its authority — it can’t set up a more comprehensive system without permission from Congress. For their part, companies can be skittish about volunteering information to the government, fearing lawsuits in the event something goes wrong.
If you ask Deutsche Telekom, though, it shouldn’t take an act of Congress for publicly traded companies to do what’s in the general interest. The German parent of T-Mobile USA has begun to make threat information partially public. Using their new monitoring tool, Sicherheitstacho, you can actually watch cyberincidents beoing logged in real time. Above is a GIF of it in action from Wednesday morning.
The site uses 97 dummy nodes on the Web that trick automated attacks into thinking they’re just another pathway through the Internet. They are actually sensors, or “honeypots.” Among the data the sensors have gathered? Last month, there were upward of 30 million automated attacks. Guess which country most of them came from.
If you said China, you’d be wrong. It doesn’t even make it into the top 10. The No. 1 source of automated hacks comes from Russian IP addresses, which account for 8 percent of all attacks launched in the last 30 days. One percent of attacks were traced to U.S. sources. No matter where they originate, the probes spare no target. Websites, smartphones, networks — all appear vulnerable, though to different degrees.
Deutsche Telekom is giving what it has learned to German law enforcement as part of its work with the Alliance for Cyber Security, a federal project set up by Berlin. It’s unclear what a similar partnership between companies and the government might look like in the United States. Given how much of the country’s utilities and other vital networks are run by private-sector entities, though, it might not be long before corporate initiatives like this one start to crop up on this side of the Atlantic.