CyberSec Community Rolls Out ETHOS – An Open Early Warning System

As the tech world grapples with increasing cyber threats, the cybersecurity community has decided to join hands. Consequently, ETHOS has emerged as an open-source early warning threat information system following a collaboration of cybersecurity leaders. With ETHOS, the cybersec community aims to protect critical infrastructure across the globe by prompt information sharing.

ETHOS – An ‘Early Warning’ System To Protect Critical Infrastructure

As announced recently, ETHOS has arrived as an inclusive and proactive threat alert system, helping security professionals globally.

Specifically, ETHOS (Emerging THreat Open Sharing) is an open-source platform sharing threat intel from different cybersecurity leaders. The key firms that joined hands to develop ETHOS include 1898 & Co., ABS Group, Dragos, Nozomi Networks, Claroty, NetRise, Forescout, Network Perception, Tenable, Schneider Electric, and Waterfall Security. Moreover, CISA has also expressed interest in joining the project as required.

Developing ETHOS aims to expedite threat detection by providing readily available, open-source information about cyber threats. The platform gathers this information from multiple security vendors.

This swift accessibility will facilitate identifying anomalous behaviors, discovering novel attacks, and generating quick responses with improved communication, support, and interoperability by linking peers, industries, and governments. This unified approach will be key in protecting critical infrastructure from potential threats.

Aiming to improve public/private sector cooperation for collective cybersecurity across the globe, ETHOS – a non-profit entity – will have the information accessible via GitHub. The information shared by ETHOS will typically focus on OT/ICS environments. The main objectives of ETHOS include,

• Building an open-source codebase for OT/ICS networks for data sharing.
• Developing innovative design and governance decisions.
• Producing no-profit code for early warning detections to facilitate cybersecurity professionals.

Will ETHOS Deliver Fruitful Results? Let’s hope!

The industry leaders have great expectations from the ETHOS initiative, particularly its widespread reach that will contribute towards faster and better threat detection.

LHN reached out to Anzar Hasan – a technology leader, security auditor, and a senior member of IEEE, to know his thoughts about ETHOS’s usefulness.

According to Hasan, the operation technology (OT) and critical infrastructure, including the power grid, currently faces six major challenges: cybersecurity, aging infrastructure, lack of standardization, workforce shortages, natural disasters, and supply-chain disruptions. And initiatives like ETHOS promote the idea of a combined effort to address these challenges.

Addressing these challenges will require significant investment in upgrading and modernizing critical infrastructure systems, improving cybersecurity, developing new technologies, and training and retaining a skilled workforce. Addressing these challenges will require a coordinated effort among governments, private companies, and other stakeholders.
ETHOS (Emerging THreat Open Sharing), an open-source, vendor-agnostic technology platform for sharing anonymous early warning threat information across industries with peers and governments, is the right step towards securing the critical infrastructure.

Benefits of an early warning system

Early threat alert systems like ETHOS will likely facilitate the security community to repel cyberattacks promptly before occurrence. Hasan highlights five key benefits of such ‘early warning’ tools.

1. Improved Preparedness

Early warning systems help critical infrastructure operators and relevant stakeholders prepare for potential disruptions or threats.

This allows them to develop contingency plans, coordinate responses, and allocate resources to minimize the impact of any potential disruption.

2. Reduced Downtime

Prompt threat detection and preparedness reduce downtime – an essential gain for critical infrastructure.

[It] can help critical infrastructure operators to detect potential threats or disruptions in advance, allowing them to take preventive measures to avoid downtime or minimize its impact.

3. Enhanced Security

In-time threat alerts can help security professionals reduce the success rate of incoming attacks.

This can help to prevent data breaches, sabotage, or other malicious activities that could compromise the integrity or availability of critical infrastructure systems.

4. Increased Resilience

Early warnings about potential threats lead to timely incident responses, ultimately adding to the target infrastructure’s resilience.

This can help reduce the impact of disruptions and enable faster recovery from any disruptions.

5. Improved Safety

Early warning systems help improve ICS/OT infrastructure safety by alerting relevant stakeholders about potential hazards or risks.

This can help prevent accidents, injuries, or other negative consequences resulting from system failures or other disruptions.

ETHOS is in early development, inviting interested professionals to contribute to the project’s development and direction. The memberships, open for individuals, organizations, and security vendors alike, will begin in June 2023.

Let us know your thoughts in the comments.