You don’t tug on Superman’s cape, you don’t spit into the wind, you don’t pull the mask off the old Lone Ranger and, with apologies to Jim Croce, you don’t mess around with medical and healthcare organizations battling the coronavirus pandemic, or you’ll face the full force of the COVID-19 CTI League, a group of 400 cybersecurity volunteers from more than 40 countries who’ve pledged to fight pandemic-related hacks.
It’s tempting to drag out the popular, if tired, trope “not all superheroes wear capes” when referring to the group that includes Microsoft and Amazon and which counts in its leadership DefCon security chief Mark Rogers, a vice president at Okta, as well as Microsoft Senior Privacy Program Manager Chris Mills and Senior Security Program Manager Nate Warfield and Clearsky Cyber Security Lead Cyber Intelligence Researcher Ohad Zaidenberg.
But the COVID19-CTI
website says the collaborative is simply “a community of CTI experts, Incident
responders and Industry experts working to neutralize all cyber threats looking
to exploit the current pandemic.” The group explained
on its website that it would “identify, analyze and neutralize all threats but
at this most sensitive time are prioritizing front-line medical resources and
Members of the group will use their
collective cybersecurity skills and extensive contacts to address and curb coronavirus-related
hacks, including the uptick in phishing schemes.
“This is a great opportunity to support the IT security
superheroes who are keeping the healthcare and critical supplies working to
save lives,” said Joseph Carson, chief security
scientist and Advisory CISO at Thycotic, who’s a member of thegroup
and has “signed up for Cyber Volunteers 19 to help with health services in the
Calling for the security community, “specifically those with expertise in phishing and social engineering threats needs to support the effort and be involved,” Atif Mushtaq, CEO and founder at SlashNext, said the mission’s success “would require unilateral cooperation and support from corporations, executives, employees, white hat hackers, coders, researchers, and any other security professional who could assist in the effort.”
Mushtaq said his company is looking for ways to be more involved
in the initiative.
Lookout, too, sees a role for itself in this effort, said Staff Security Intelligence Engineer Apurva Kumar “Many
competitors are happy to work with each other privately for the greater good,
from both security vendors and researchers to law enforcement and CISOs from
industries such as healthcare and banking,” he said. “As long as we can develop
a similar coalition for these efforts I expect similar positive results.”