IBM fights cybercrime with its own social media platform

Turning to social media to fight cybersecurity
Turning to social media to fight cybersecurity

Cybercrime costs the global economy $445 billion a year, according to Center for Strategic and International Studies. The face behind those costly attacks is changing.

According to the United Nations Office of Drugs and Crime, 80 percent of cyberattacks is committed by highly organized gangs. On this new battlefield, IBM is trying to arm information security professionals with the weapons they need to repel these coordinated attacks.

"It's not just a scenario of a bored teenager deciding to show off to his or her girlfriend. In many cases, these are organized gangs of thieves," Caleb Barlow, IBM's vice president of mobile management and security, told CNBC in an interview.

Read More Phones top computers in cyberwars: FireEye

Part of cybercriminals' organization includes sharing information to make their attacks more effective, Barlow said. "On the dark side of the Internet, one of the things we see is that they are collaborating to share tools, and to share ideas, and ... data on how to attack," he said.

Technology professionals have struggled to keep pace with the increasing sophistication of cyberattacks. Over 50 percent of cybersecurity professionals say they do not share information about potential breaches with industry groups, according to a survey conducted jointly by vArmour, a cybersecurity company, and consulting group Blue Lava.

Barlow largely agreed with those findings. "The defenders honestly aren't as well organized," he said.

Read More Beware: Downloading that mobile app could cost you

IBM's 'X' Factor

To encourage sharing of cyberthreats, IBM announced a new social media platform last week called X-Force Exchange, which allows information security professionals to collaborate. Included in the platform is a map that shows cyberattacks in real time as they happen around the world.

The new platform works much like the social media site, Pinterest. Users can input information on malicious Internet protocol addresses and malware, and group them by threat type.

Read MoreChina accused of decade of cyber espionage in Asia

Underpinning X-Force Exchange is proprietary IBM data. This includes the 15 billion to 20 billion security events the company monitors daily that have the potential to be malicious, yet aren't all full-fledged breaches. One type of malware stored in the X-Force database has been used to steal thousands of dollars from business bank accounts.

"Large data sets like these are usually held in proprietary forms or maybe are shared [among] folks in a particular industry, like the financial services," Barlow said. "But what we recognize is the importance of sharing this on a much larger scale."

IBM's X-Force Exchange platform announcement comes as Congress is debating new cybersecurity regulation, which includes the Cybersecurity Information Sharing Act. That particular legislation may give companies liability protection when sharing cyberthreat data with the government. Many businesses worry about being more open with threat information because of privacy and liability concerns.

"We can't wait for governments, we can't wait for information sharing teams, we got to act," Barlow said.

Read More One year later, Heartbleed bug still a problem