NPR logo

Private, Government Cooperation Could Stem Cyberattacks

  • Download
  • <iframe src="https://www.npr.org/player/embed/386085314/386085315" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript
Private, Government Cooperation Could Stem Cyberattacks

Technology

Private, Government Cooperation Could Stem Cyberattacks

Private, Government Cooperation Could Stem Cyberattacks

  • Download
  • <iframe src="https://www.npr.org/player/embed/386085314/386085315" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript

Rachel Martin talks to Derek Manky, lead threat researcher for Fortinet, one of the founding members of the Cyber Threat Alliance, about the White House executive order on cybersecurity.

RACHEL MARTIN, HOST:

For more on the president's cybersecurity proposals, we are joined by Derek Manky. He is part of an industry group called the Cyber Threat Alliance, which has signed on to the president's cybersecurity plan. Thanks so much for being with us.

DEREK MANKY: Yeah, no problem. It was my pleasure.

MARTIN: Let's start off by talking through some high-profile examples of security breaches and how the president's executive order might have helped in these scenarios. If we look at the Sony hacking, for example, email from the company's servers was made public, hackers were digging up details of the company's internal operations and employees' personal information. How could more cooperation with other companies and the federal government - how could that kind of collaboration have made a difference in that situation?

MANKY: Sure, you know, really, really good question. So there's a lot of information to be shared. So, you know, as an example, these attackers, when they're going into a network like Sony, they leave a digital fingerprint or a trail behind them. And often that fingerprint can be observed somewhere else in the world. They're usually not just going after one target, right? They can go after a different target maybe two days before. So bits of that digital fingerprint, again, can be shared in advance, and the corporation can get it. By the time they go after their next target, that corporation's already going to have that intelligence and be able to stop the attack as well.

MARTIN: What about the target hacking, which was a case of credit card numbers that were stolen and then put on the black market for sale, what kind of cooperation would have helped there?

MANKY: You know, in all cases, it's not always possible to stop an attack. You can never say 100 percent, you know, guarantee that there's a silver bullet to stop these things. So in a case like Target and - you know, even myself thinking back to I think it was 2007, 2008 - TJX, they got hit by a massive breach back then.

MARTIN: We should say TJX is T.J. Maxx.

MANKY: Yeah, right. That's correct. These attacks sit on the network undetected for a long period of time. So the incident response - the quicker you can detect these things the less credit cards are stolen, the less damage that there is and the quicker that you can respond to them as well. So I mean, you know, in a case like Target, sharing this information, being able to actually just detect that threat in the first place goes a very long way and to understanding the threat and responding to it.

MARTIN: We have seen some big tech firms stay away from the president's meetings today, protesting over the amount of information the government has gathered in the past about their customers, which goes back to revelations about the NSA practices. Is this still a big concern? I mean, what indication do you have about the kind of companies that might agree to these kinds of proposals?

MANKY: There's a big difference between, you know, what's alleged in, you know, in Snowden and NSA and all of this, you know, the information that would be shared in a case like that compared to what's proposed in this framework. You have to understand that this framework, they're not going to be saying here's all the consumer records that were stolen, and, you know, it - relate it to person A. Here's person A's address. Like, that's personally identifiable information. What we're talking about is saying there are a whole bunch of, you know, maybe 100,000 people that were affected by this. Here's the details on the attack. Here's what the attackers were looking for. Be aware of these attackers.

MARTIN: What does this mean for the average consumer who is largely just concerned about protecting their own information? Do these proposals make consumers safer?

MANKY: Yes, absolutely. Whether it's a credit card breach or it may be someone going after health care records, again, when the attacker's on that system, the longer that they're allowed on that system, the more consumer records they can get. So, you know, if these attacks can be reduced, if the time of infection can be reduced, you know, the less consumer records are going to be impacted, and so there is a positive benefit to consumers there.

MARTIN: Derek Manky. He is part of an industry group called the Cyber Threat Alliance. Thanks so much for talking with us.

MANKY: No problem. It was my pleasure.

MARTIN: Derek Manky is also lead threat researcher for the cybersecurity company Fortinet.

Copyright © 2015 NPR. All rights reserved. Visit our website terms of use and permissions pages at www.npr.org for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.

We no longer support commenting on NPR.org stories, but you can find us every day on Facebook, Twitter, email, and many other platforms. Learn more or contact us.