Paul Henninger, Global Product Director at BAE Systems Detica, looks at trends in cyber security.
The convergence of cyber crime and financial crime is becoming a major issue for global organisations as cyber criminals increasingly combine techniques into one efficient and effective hack. The evidence for the surge in financial cyber crime couldn’t be more “front page” news after charges were brought against the five men responsible for the biggest cyber fraud case in history, which involved a Visa Inc. licensee, J.C. Penney Co, and Nasdaq. With losses estimated at $300 million, this calculated attack highlights how the merging of cyber crime and financial crime is at the core of criminal attempts to compromise the financial system today.
Although launched by a relatively small group of hackers, the effort was a well-orchestrated attack on financial institutions and retailers involved in financial transactions, targeting sensitive financial and personal data. Whilst this use of cyber intrusion to collect credit card data isn’t new, the extent of the attack and the scope of financial data involved underscore the fact that the only way to prevent financial fraud is to coordinate cyber security and fraud monitoring systems to triangulate on this attack vector.
'Surveilling' the Solution
Fraud surveillance solutions, by themselves, are not capable of defending effectively against this type of threat. Although they might spot the criminals’ attempt to monetize their attack or “cash out”, those solutions only target behaviour that occurs after a cyber attack has already compromised, for example, a customer or financial institution. Fraud solutions must be used in tandem with, and ideally integrated with, an effective cyber defense designed specifically to protect customer financial information.
The sophistication and success that this small group of hackers achieved also puts a spotlight on the fact that generic cyber defences designed to spot well-known network vulnerabilities are not effective enough against well-funded, determined criminals. Although the indictment and arrest of members of this group represent major progress, there is no doubt, not least because members of this particular group are still at large, that the use of sophisticated cyber intrusion techniques as a key part of financial crime is a threat that we as an industry need to take very seriously.
Data Analytics and Fraud Prevention
Looking at the big picture, data analytics is another element that needs to be added to the defense kit to protect against the convergence of cyber crime and financial crime. Although data analytics has been used for years to detect fraud, the application of big data analytics has become increasingly relevant as fraud attacks now involve a combination of techniques including network compromise, data theft, account takeover and traditional money movement. As a result, banks and insurers are faced with the task of getting a much broader view of fraud in order to control it, with big data providing the most effective way to detect attacks, spot trends, and monitor banking activity for regulatory compliance issues.
For example, recent cyber attacks against banks, such as Denial of Service (DoS) attacks, have been used as a digital smoke screen for high-tech theft, for accessing customer data, and for compromising payments systems. These cyber attacks have targeted online banking and other traditional fraud channels.
Insurers have faced similar threats in which criminals have hacked into company networks to access claims and pricing data that they use to lower their cost of doing business. They’ve specifically targeted data related to reducing payments on fraudulent policies and detecting claims fraud based on profiles of past claims that have been paid out and paid out quickly.
Where We Go From Here
Gartner predicts that by 2020, 75% of enterprises' information security budgets will be allocated for rapid detection and response approaches, up from less than 10% in 2012. The data protected by organisations is a prime target for cyber criminals, and the stakes are too high to ignore. Defenses against these attacks increasingly need to be based on multiple techniques including cyber surveillance, fraud surveillance, and big data techniques to spot novel changes in fraudster behaviour. Without this type of strategy, organisations stand a much more limited chance of detecting and preventing damage to their customers when attacks range across many systems and are deliberately designed to avoid detection. As the cyber and fraud criminal worlds converge, so too must the methods used to combat these criminals.
This post was originally written for BAE Systems Detica's Cyber Security Blog