Jul 19, 2017 13:26 JST

Source: Fujitsu Ltd

Fujitsu Links its Cyber Threat Intelligence System to the US Department of Homeland Security's AIS CTI Sharing System
Will rapidly collect global cyber threat indicators to enable immediate response

TOKYO, Jul 19, 2017 - (JCN Newswire) - Fujitsu has demonstrated its ability to link and achieve mutual compatibility between its in-house-developed cyber threat intelligence (CTI)(1) utilization system and the US Department of Homeland Security's (DHS) system for sharing CTI provided through its Automated Indicator Sharing (AIS) program which rapidly shares cyber threat indicators between government and private companies.

By linking these systems, Fujitsu will be able to analyze both the CTI it already possesses as well as the CTI from AIS. In so doing, when a cyberattack occurs, threat indicators about attacks with the same or similar elements, as well as intelligence about countermeasures can be rapidly supplied from AIS and used to respond. In addition, by setting the link so that the latest CTI is uploaded onto AIS and automatically reflected to Fujitsu's security products and services that protect customer systems, Fujitsu can automate tasks such as the addition of rules to respond to new cyberattacks, which previously had to be done manually. This shortens the work time required of those responsible for cybersecurity and reduces the chance for mistakes.

Fujitsu is positioning this CTI utilization system as a linchpin in building a proactive defense against an expanding number of cyberattacks. Going forward, Fujitsu will link this system with its security products and services for malware detection and other tasks in response to the latest cyberattacks.

Background

As the threat of cyberattacks has increased in recent years, demand has been growing for enhanced security countermeasures to protect the critical infrastructure that supports society. In addition, there have been issues with a lack of analysts with advanced skills that can respond to ingenious and difficult-to-detect cyberattacks, making it increasingly important to utilize CTI on a global scale.

The DHS is promoting its AIS program, which is an effort to rapidly share massive amounts of CTI around the world between participating organizations and corporations. Fujitsu has been connected to the framework since June 2017.

In order to more efficiently use CTI from AIS, Fujitsu has now connected the CTI utilization system it developed with AIS's CTI sharing system, enabling its use in rapid responses to cyberattacks.

The AIS program

The AIS program consists of the US government and government institutions and private companies, both inside and outside the US, rapidly sharing CTI through a system operated by the DHS. As of the end of June 2017, 147 organizations are now connected. CTI shared through AIS uses the STIX(2) format and TAXII(3) protocol standardized by the OASIS CTI Technical Committee(4) for the sharing of CTI.

AIS offers the following features.

1. Rapid sharing of CTI

The CTI provided by participating government institutions and private corporations can be shared with a simple process so that this program facilitates the rapid sharing of CTI among participating organizations.

2. Anonymization of CTI provider

The name of the organization or company that provided CTI can be anonymized as necessary, enabling the provision of CTI without revealing the source to the end user.

3. Participating organizations can utilize CTI safely and securely

To participate in AIS, an organization is required to submit application documents to DHS for approval. Participating organizations are therefore able to mutually utilize CTI safely and securely.

About Fujitsu's CTI Utilization System

In order to efficiently share CTI between various organizations and companies, and rapidly build effective countermeasures, Fujitsu developed a CTI utilization system that incorporates functionality to safely and easily generate and use advanced CTI, and has been operating this system internally since August 2016.

1. Functionality safely and easily shares CTI between organizations and companies

This system incorporates functions to accept CTI in standard formats established by the OASIS CTI Technical Committee, as well as a function that enables users to choose who shares what information from within the CTI. With these capabilities, CTI can be collected from a variety of providers, combined, and utilized. This system's ability to link with FireEye iSIGHT Intelligence(5) has already been confirmed.

2. Advanced CTI analysis and editing functionality

This system incorporates functionality providing visibility into the relationships between the constituent elements of a cyberattack recorded in each piece of CTI, including basic information such as the attacker, the time, the target, the machines attacked, and intrusion pathways and methods, as well as countermeasures. This enables users to extract cyberattacks with identical or similar elements to another cyberattack, visually checking the relationship between them, and simplifying discovery of new commonalities between cyberattacks, including information about attackers that could not have been discovered previously.

Linking Fujitsu's CTI Utilization System with CTI from AIS

Fujitsu has confirmed it successfully linked its CTI utilization system with AIS. Through this, Fujitsu expects the following results.
- Because it is possible to rapidly collect cyber threat indicators from around the world and immediately build concrete countermeasures, this connection is capable of preemptively preventing risks such as information leaks.
- By connecting CTI from AIS with Fujitsu's security products and services, and setting the system to automatically update with new CTI, even existing security products and services become capable of immediately responding to new cyberattacks. This will shorten the time spent by those responsible for security on operations, and reduce the number of mistakes.

Future Plans

Fujitsu is beginning to link its CTI utilization system, now linked with CTI from AIS, with a variety of security products and services, implementing them internally under the Fujitsu Advanced Artifact Analysis Laboratory(6), an advanced security analysis organization. Going forward, Fujitsu aims to provide security products and services that can respond to the very latest cyberattacks by reflecting the results of this implementation in its security products and services.

(1) Cyber Threat Intelligence
The kinds of information yielded by a sophisticated analysis of a cyberattack (such as the attacker, timing, objective, target of the attack, and route and method of the intrusion), as well as information on ways of dealing with the attack, all in a format that can be used by a computer.
(2) STIX (Structured Threat Information eXpression)
A structured language for describing cyber threat information so it can be shared, stored, and analyzed in a consistent manner.
(3) TAXII (Trusted Automated eXchange of Indicator Information)
An application layer protocol for the communication of cyber threat information in a simple and scalable manner.
(4) OASIS CTI Technical Committee
The OASIS Cyber Threat Intelligence (CTI) TC was chartered to define a set of information representations and protocols to address the need to model, analyze, and share cyber threat intelligence.
(5) FireEye iSIGHT Intelligence
The cyber threat intelligence service provided by FireEye, Inc. https://www.fireeye.com/products/isight-cyber-threat-intelligence-subscriptions.html
(6) Fujitsu Advanced Artifact Analysis Laboratory
Jointly established by Fujitsu Limited and PFU Limited in Tokyo and Yokohama on November 18, 2015, this organization brings together and analyzes security information on a global scale.

Contact:
Fujitsu Limited
Public and Investor Relations
Tel: +81-3-6252-2176
URL: www.fujitsu.com/global/news/contacts/
Source: Fujitsu Ltd
Sectors: Cloud & Enterprise, CyberSecurity

Copyright ©2024 JCN Newswire. All rights reserved. A division of Japan Corporate News Network.

Related Press Release


Fujitsu Limited announces recruitment plans
March 19 2024 09:34 JST
 
Fujitsu and AWS will launch a new Modernization Acceleration Joint Initiative to enable customers across industries to drive digital transformation with fast and secure legacy modernization
March 18 2024 15:12 JST
 
Japanese joint research group win Prime Minister's Award with ultra high-performance computing platform using jointly developed 64-qubit quantum computer
March 15 2024 09:19 JST
 
Fujitsu and Tokai National Higher Education and Research System collaborate on AI-based space weather research
March 14 2024 09:21 JST
 
GMO Research Activity Support & Technology launches brain MRI analysis tool developed on world class supercomputer Fugaku with Fujitsu Computing as a Service (CaaS)
March 12 2024 09:20 JST
 
Fujitsu and Carnegie Mellon University develop AI-powered social digital twin technology with traffic data from Pittsburgh
March 07 2024 09:25 JST
 
Fujitsu and Celonis Expand Strategic Global Partnership
February 26 2024 14:40 JST
 
Fujitsu introduces "Uvance Wayfinders", expanded and strengthened consulting capabilities to deliver cross-industry business value
February 22 2024 11:05 JST
 
Fujitsu delivers new supercomputer system to Japan Meteorological Agency to improve prediction accuracy for typhoons and torrential rain
February 21 2024 15:38 JST
 
Fujitsu collaborates with QuTech in development of new technology for freezing electronics to control diamond spin qubits
February 20 2024 20:28 JST
 
More Press release >>

Latest Press Release


More Latest Release >>