July 12, 2016
Joe Franscella

Should You Trust Cyber Intelligence Companies?

<p>Every time you send or receive data from the Internet, you are surrendering some degree of privacy. Using the web reveals your location and interests, if not more. We routinely entrust our personal demographics, financial info, and our hard work to a technology that is known not to be 100% secure. Naturally, there is a lot of anxiety surrounding personal security. The Pew Research Center found <a href="http://www.pewinternet.org/2013/09/05/anonymity-privacy-and-security-online/" target="_blank">86% of people report taking steps</a> to preserve their anonymity online.</p><p>Ask yourself a few questions before you entrust a program with your network security:</p><p><strong>Is this for real? </strong>Online criminals are very inventive at creating ways to deceive users into allowing in a threat. Have you heard horror stories about software that appears to be an antivirus alert but is actually a ransomware attack? Perhaps you’re one of the many victims of such a security scam. Knowing some that some viruses scam small amounts of cash from many victims can leave you feeling paranoid about doing business with cyber intelligence companies.</p><p>You can discern trustworthy cyber intelligence companies from frauds if you know what to look for. The way to tell if a program comes from a legit cyber intelligence company from a hacker is to know what programs you’re running and what their alerts look like. If you or your employer didn’t install it, don’t trust it. Another method to tell is that the program just doesn’t seem right. Rogue antimalware <a href="http://blog.techgenie.com/online-safety-tips/fake-antivirus-programs-are-real-malware.html" target="_blank">programs are also called “scareware”</a> and for good reason. Alerts are worded in a panic-inducing tone and the graphics are dramatic alarms flashing with burning file folder icons and the like. Legit notifications are meant to be seen but are usually worded in more technical language and are not so blatantly coercive or upsetting.</p><p><strong>How good of a tool is it?</strong> What about the trustworthiness of legitimate cyber intelligence companies? Security enterprises have different methods, products, and reputations. You can discover a lot about a company’s reputation and the quality of its software by doing a little research. Magazines and blogs review threat intelligence products, but the top search results may have a special interest and review only certain companies. Look critically at who is publishing the reviews and take all recommendations with a grain of salt. Security scans are only as good as the threat intelligence they compare against, so volume is critical to the quality of a security solution.</p><p><strong>Is it good for my best interests?</strong> <a href="https://www.anomali.com/blog/sharing-threat-intelligence-why-and-how">What about privacy</a>? Threat intelligence is performed by comparing traffic on your network to logs collected from other networks. The differences and similarities produce useful information on attempted and successful breaches. Putting this intelligence in context gives valuable insight into the hacker’s motivations. This is not possible without traffic information collected from users. The concerns about giving web traffic logs to an outsider are mitigated by the benefits of allowing cyber intelligence companies to create security solutions using the most current data possible. Even the <a href="https://www.anomali.com/blog/the-impact-of-global-threat-assessment">Department of Justice has called for cooperation</a> in amassing info for its Most Wanted files.</p><p>The Modern Honey Network was developed to satisfy these two competing interests, privacy and current threat intelligence. When you use a honeypot built with MHN, the threat intelligence is transmitted in a way businesses can feel comfortable.</p><p><strong>Are we using this to its full benefit?</strong> It is up to you to do your part to ensure these tools work. Make the best use of your cybersecurity software:</p><ul><li>Update definitions as much as possible</li><li>Configure alerts to ignore “noise”</li><li>Pay close attention to alerts</li></ul><p>If you are asking yourself questions about which entities you can trust, you are in the right mindset for protecting your data and the people who depend on its security. One thing is for sure: you can trust cyber intelligence companies more than you can trust spammers, spies, and identity thieves.</p><p>Now that we know we can trust, learn more about sharing threat intelligence and develop a methodology to measure the effectiveness of your current security infrastructure.</p><p><span class="hs-cta-wrapper" id="hs-cta-wrapper-79cc3352-61a2-44b7-8b7c-6f25d759918c"><span class="hs-cta-node hs-cta-79cc3352-61a2-44b7-8b7c-6f25d759918c" data-hs-drop="true" id="hs-cta-79cc3352-61a2-44b7-8b7c-6f25d759918c" style="visibility: visible; display: block; text-align: center;"><a class="cta_button" cta_dest_link="{page_3458}" href="https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/c/?cta_guid=4f082f1c-a704-4df4-a627-a030c2f8e351&amp;placement_guid=79cc3352-61a2-44b7-8b7c-6f25d759918c&amp;portal_id=458120&amp;redirect_url=APefjpEwqCcX_tmiEOCypFtMEJao16bB0rmBqoyqmKyJLNHOtwnvcDRiDnoD5_lziD5pfAljRgJQ1-1egtWLwIZ5hEZjpL_6GUT60MgJXOj642y6jA5_X0rKjdFyHJShtIv3PuqiIAOhZYQzwQv5wPAoYcu9Rre02uctFCWXkVylzFadvMNOADb9ErvCUd9isFENwj8OQ5EHvLfWwT0mLaY1o34RUbV_QmP2DlHxHXRGAbSyxZFbBdoOK5yTR1YrCnNaYOQCyG-Xw8nyrmavj14KKZ0ZzmJe3EC2tEZSqbj0QrgMIZvSj96NvLqfdz7Aolb8yL4aapTmkpDBZTJSSVnkiMMq9PvYXw&amp;hsutk=2767d93d6471d657e0c9f660e4b58ef8&amp;utm_referrer=https%3A%2F%2Fblog.anomali.com%2Ftrust-cyber-intelligence-companies&amp;canon=https%3A%2F%2Fblog.anomali.com%2Ftrust-cyber-intelligence-companies&amp;pageId=4254174931&amp;__hstc=41179005.2767d93d6471d657e0c9f660e4b58ef8.1456736058655.1478822660171.1478831861868.179&amp;__hssc=41179005.85.1478831861868&amp;__hsfp=1335165674" id="cta_button_458120_4f082f1c-a704-4df4-a627-a030c2f8e351" style="margin: 20px auto;" target="_blank" title="Download Here">Download Here </a> </span> <script charset="utf-8" src="https://js.hscta.net/cta/current.js"></script> <script type="text/javascript">hbspt.cta.load(458120, '79cc3352-61a2-44b7-8b7c-6f25d759918c', {});</script> </span></p>

Get the Latest Anomali Updates and Cybersecurity News – Straight To Your Inbox

Become a subscriber to the Anomali Newsletter
Receive a monthly summary of our latest threat intelligence content, research, news, events, and more.