Facebook has announced that the collaborative threat-detection framework will be known as ThreatExchange, and various companies have already signed up.
The idea behind the project is to make it more difficult for hackers to undertake coordinated cyber attacks against various companies at the same time. ThreatExchange will operate as an online hub which will enable multiple organizations to share data on hacks that they have suffered, writes Jonathan Vanian of Gigaom.
Facebook encouraging cooperation
This data includes malicious URLs, malware, bad domains and analytics that the company has concerning that malware, according to Mark Hammell, threat infrastructure manager for Facebook. After companies have submitted their data, Facebook’s graph-database can be used to detect new relationships, including which malware communicates with which domain, or whether a domain is hosted on a bad IP address.
By combining security data from various companies, participants will be kept up to date on cyber threats in real-time, which will help to prevent coordinated attacks. One such attack prompted the idea behind ThreatExchange. Facebook and other tech companies were victims of a piece of malware which attempted to spread itself across the different services offered by each company, made easier by the integrated nature of the services that we use everyday.
Growing list of participants
The malware was quickly disabled but it inspired Facebook to open up its ThreatData framework to other companies. So far Pinterest, Tumblr, Twitter and Yahoo have given feedback on the framework, while Bitly and Dropbox both recently joined the initiative.
Participating companies will have the ability to search for “malicious domains that have been added in the past day to the system,” or add a malicious domain that they have discovered themselves. The graph-database will then produce a list of URLs that are potentially associated with the bad domain, providing an indication as to whether the malware is attempting to spread across various sites.
The companies will subsequently be able to contact fellow users to alert them as to potential threats. The beta version of ThreatExchange is now available and those interested in participating can visit the Facebook ThreatExchange site here.
