Global Threats

Timothy Reboulet | August 23rd, 2021


There are no borders when it relates to global cybersecurity.  Interpol and Europol are unique organizations leading the way when it comes to global security operations and dealing with global threats.  Considering my experience with these high-level groups, my mission is to bring actionable solutions to businesses everywhere to bolster their current cybersecurity protocols.

My name is Tim Reboulet and I was assigned to Europol Cyber Crimes Center (EC3), in The Hauge, Netherlands, while working as a Senior Special Agent with the US. Secret Service.  I worked with our EU colleagues fighting the war on global cyber-crime.  I was part of an elite group within Europol investigating the world’s most notorious cybercriminals.  This group was called the Joint Cyber Action Task Force (JCAT).

Dealing With Global Threats

I worked intimately with the DOJ (Department of Justice) investigating cyber cases that were global in nature.  I had legal authority while operating at Europol under Mutual Legal Assistance Treaties (MLATS).  There are no borders or time zones that hold back cybercriminals from perpetrating their crimes. Besides actively working cases and developing operational plans to take down threat actors, intelligence sharing between my EU colleagues was critical.  The sharing of intelligence on a global level circulated its way to the state and local levels through partnerships the US. Secret Service has in its communities by running Electronic Crimes Task Forces.

One thing I learned from all of this is we will not win the war alone. Engaging with trusted security firms is crucial since most companies do not have the internal ability to keep up with and defend against intelligent threat actors. Ask the high-level executives and board members within your organization if they view cybersecurity as a priority. If they don’t, then encourage them to involve a security firm that can deliver actionable results.

Do you have access to a Security Operations Center with certified engineers? Does it operate 24/7? Do they have efficient EDR tools? Are you constantly assessing security protocols?

Most companies are ill-prepared for a cyber incident.  The most common cyber events over the last several years remain linked to ransomware and BEC.  If a company waits until the incident occurs, it is too late.  Companies need to hire the right talent who asks the tough questions so a company can proactively prepare themselves before a cyber incident occurs.

All of this may seem complex at first, but simply put, a Security Operations Center as a Service (SOCaaS) is the future of global cybersecurity protection and operational excellence. You can install all the antivirus tools you want, but the value comes in a 24/7 continuous monitoring cycle. When you see vulnerabilities or any security issues within your environment, talking directly to a certified, highly technical engineer is the most concise path to dealing with threats head-on.

This is the model Europol and Interpol operate by, that helps fight the global war on cybercrime.  

Where is the value in a 24/7 SOC?

A 24/7 SOC is very important for reacting to a threat in real-time.  Most companies do not have a 24/7 SOC manned by US-based analysts and engineers.  Instead, they rely on software to send alerts when malicious activity occurs. A 24/7 SOC can help mitigate the amount of time your company is offline or out of service due to a cyber incident.  The typical response time to a cyber incident for companies implementing a 24/7 SOC is 15 minutes whereas some alerts may take days for a response from other firms.

Typically, this malicious activity occurs late at night as a weekend is beginning.  The Kaseya Ransomware attack did just that.  The ransomware was launched going into a long three-day weekend that would allow the threat actor easy manoeuvrability inside a network with little or no detection.


Connect With Us

Featured Articles

Cuttlefish Malware
Cuttlefish Malware: A New Threat to Routers and Traffic Monitoring
24 May 2024
Security Awareness Training
Security Awareness Training Crucial Role
22 May 2024
Phishing Campaign Assessments
Phishing Campaign Assessments Can Be Effective For Companies
20 May 2024
Incident Response Planning
Incident Response Planning: Why It's Important
17 May 2024

See ShadowSpear in Action

Identify, neutralize, and counter cyberattacks - provide confidence in your security posture

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.