Facebook Launches Threat-Sharing Platform To Combat Cybercrime
Social media giant Facebook is aiming to take a bite out of cybercrime. To that end, it has built another social network. Sort of. The company announced that it has created a new platform that companies can use to share information about new threats to network security, built on Facebook’s existing social network infrastructure.
The API-based platform functions as a layer above Facebook’s core infrastructure, allowing companies to run queries for threat information and publish new information as they discover it. The company is hoping that the new system will make sharing information on common security threats easier by making the process simpler and more efficient.
A Better Model for Threat Sharing
There is nothing particularly revolutionary about the platform, known as ThreatExchange. All of the information it contains, such as domain names and malware samples, is already publicly available. But ThreatExchange will allow participating organizations to share as much or as little information about threats that they are facing as they want, allowing them to maintain confidentiality.
The genesis of the ThreatExchange project began more than a year ago, when a group of technology companies joined forces to put down a botnet that was conducting a malware-based spam attack against multiple online services, according to Mark Hammell, manager of Facebook’s Threat Infrastructure team.
“We quickly learned that sharing with one another was key to beating the botnet because parts of it were hosted on our respective services and none of us had the complete picture,” Hammell wrote in a blog post announcing the new platform. “During our discussions, it became clear that what we needed was a better model for threat sharing.”
ThreatExchange was created as a result of those conversations. “It was natural for us because our core service is a platform for sharing and because we already had a threat analysis framework called ThreatData that we could build upon,” Hammell added.
Facebook’s early partners on ThreatExchange included Pinterest, Tumblr, Twitter, and Yahoo. The early feedback from those collaborators centered on the need for a platform that could provide sufficient flexibility for organizations to be more open or selective about the information they share, according to Hammell. Built-in controls make limited sharing easy and help avoid errors by using a pre-defined set of data fields, according to Facebook. Companies will also be able to specify which other companies will be able to see what they post.
The platform is now available in beta at threatexchange.fb.com. In addition to Facebook’s existing partners, new members like Bitly and Dropbox have also joined the information-sharing platform.
“Our goal is that organizations anywhere will be able to use ThreatExchange to share threat information more easily, learn from each other's discoveries, and make their own systems safer,” Hammell wrote. “That's the beauty of working together on security. When one company gets stronger, so do the rest of us.”