Top priorities for organisations to counter digital criminality
Martin Sutherland, Managing Director, BAE Systems Detica highlights that the single biggest issue that will hit organisations in 2014 will be the rise of digital criminality as fraud becomes increasingly cyber enabled. It won’t be possible to look at cyber crime in isolation, as digital-savvy criminals will use cyber and fraud techniques simultaneously to carry out increasingly sophisticated crimes.
1. Combating the convergence of cyber crime and financial crime
The single biggest issue that will hit organisations in 2014 will be the rise of digital criminality as fraud becomes increasingly cyber enabled. That means we’ll see digital-savvy criminals using cyber and fraud techniques simultaneously to carry out far more complex crimes than ever before.
The reality is that just as cyber has become an essential part of the modern legitimate business, with organisations reaping the benefits of moving to digital channels, criminals also recognise and understand the vulnerabilities of those channels. The most cutting-edge financial crime as we move into 2014 will be cyber enabled financial fraud. Financial institutions, such as payment and card processors, are under sustained and sophisticated attack. We anticipate that in 2014 many of these will seek greater integration of cyber and fraud functions internally to counter the threat; it will no longer be sufficient to rely on risk analysis on payment activity without taking into account cyber attacks on financial services payments platforms and networks.
In 2014, successful organisations will halt major attacks by joining up their understanding of cyber attacks and fraud. Others will continue to incur major losses by failing to do so.
2. Understanding the coming of age of intelligence-driven security
As enterprise security has matured, organisations have begun to see the value in using cyber intelligence to tune their defences. Many sources for this have emerged such as official sharing portals, research groups, specialist vendors, open-source and government information. Trust relationships have built up in unlikely places, such as between industry rivals, where all parties acknowledge the benefits of sharing attack indicators. Crowd-sourced behaviour will boom in 2014 across the cyber defence realm.
In 2014 BAE Systems Detica expects to see a significant shift towards intelligence-driven security. Leading organisations will seek greater value from the sources available to them, looking to build efficiencies through technology and common language. Operationalising intelligence will be a key theme, as well as well as understanding the value that the distinct and varied information sources add.
We expect that organisations which can truly integrate security intelligence into their processes will be those who see the benefits most. Focusing on the threats which are pertinent to each organisation will yield superior defence as well as enhanced awareness across the business community.
3. Handling the transition from espionage to sabotage and increasing attacks on Industrial Control Systems
The growing cyber threat is asymmetric in nature, with attackers often able to act with far more agility than defenders. In 2014 we believe that there will be an increasing trend towards cyber sabotage, with attackers seeking to have a direct and overt effect on organisations and nation states’ critical infrastructure. Sabotage has always provided an attractive means for political groups or nation states to achieve advantage by undermining production or distribution capabilities. Similarly, it is also attractive to organised criminals either for straight commercial gain or extortion.
Sabotage is particularly appealing to these groups as it enables a small group to have a disproportionately large impact on a major entity such as a nation state.
Traditionally, industrial control systems operated stand-alone and there has been limited opportunity for remote attack. However, there is an increasing trend towards hyper-connectivity of such systems in order to drive operational efficiencies. This is essential for organisations to survive and grow in the modern world. But, it provides a new opportunity for sabotage to be conducted remotely and deniably through cyber space. Internet-connected industrial control systems will be under threat as hackers attempt to compromise the operation of power, utilities, water treatment and manufacturing plants. 2014 will be an important year to see how business and nation states alike can implement security measures to counter the increased threat of sabotage.
4. Facing the collision of mobile threats and enterprise security
2013 saw some significant events in the mobile threat space – the emergence of kits for building mobile malware, cross-platform attacks which could compromise both Windows and Android systems, Chinese dissidents being targeted with Android malware by espionage actors, attacks on mobiles by cyber activist groups spreading propaganda messages.
We enter 2014 at a point where attacking mobile devices is rapidly becoming the new normal for many threat actor groups. This is happening at a time when enterprise environments are becoming increasingly reliant on mobile devices, either corporate-owned or through BYOD schemes, in order to enable better user experience and efficiency.
The security implications are still unclear and we anticipate this intersection of an active threat space and corporate networks will result in further incidents on a par with more traditional cyber attacks. Whether this is disclosed widely and becomes a wake-up call to employers remains to be seen – many serious incidents are never reported and many more still undiscovered.
5. Tackling the growing shift towards identity crime
The success of front line surveillance and authentication to combat payments fraud and EMV will continue to push fraud to identity-based crimes. Bolstered by the cyber-enabled theft of customer data, an increasing part of payments and card fraud will be driven by identity-based schemes that use stolen and synthetic identities to take advantage of financial services firms’ push to acquire customers.
This presents a complex problem for financial services firms that extends beyond transactional fraud to a network analysis challenge, as identify theft is typically perpetrated by co-ordinated gangs. The effects of this fraud are typically buried in credit losses, further complicating efforts to isolate and combat these fraud vectors. 2014 will see a concerted effort to combat identity crime.