Several cybersecurity companies specializing in industrial control systems (ICS) and other operational technology (OT) have teamed up to create an open source information sharing platform that is designed to serve as an early warning system for critical infrastructure.
The new project, named ETHOS (Emerging THreat Open Sharing), is a vendor-agnostic technology platform for sharing threat information anonymously and in real time across various industries.
The shared information includes indicators of compromise (IoCs) such as IP addresses, hashes, and domains, which can be useful to defenders for detecting new threats.
“A real-time, open-source solution that functions almost like a hotline to correlate information from multiple security vendors to identify anomalous behaviors is the most feasible concept for reducing threat actor dwell time and discovering incidents during the reconnaissance phase of potential attacks,” the project’s initiators explained. “The goal for ETHOS is to uncover emerging threats for which there is no threat intelligence available.”
ETHOS currently has a beta API that provides data sharing functionality, and a server is in development.
Organizations participating in the project can act as clients and/or host their own server to compare the information that is shared. ETHOS founding members pointed out that the project is not a shared proprietary threat intelligence feed and its goal is to complement existing information sharing platforms.
ETHOS is designed specifically for OT/ICS, but the API can be used by any type of cybersecurity solution.
Founding ETHOS members include 1898 & Co., ABS Group, Claroty, Dragos, Forescout, NetRise, Network Perception, Nozomi Networks, Schneider Electric, Tenable, and Waterfall Security.
General membership applications will be available in June 2023. Any individual, organization or security vendor can contribute to the project.
Related: Swimlane Launches Security Automation Ecosystem for OT
Related: US Electric Cooperative Association Launches Commercial OT Security Solution
