Advanced Solutions for Data Theft and Fraud Detection

By Dr. Christine Izuakor

The threats from data theft and fraud will continue to be a significant concern for all corporate entities in 2020. eCommerce sales, for example, are expected to reach almost one trillion dollars in the next three years, creating a growing opportunity for attackers to capitalize on fraud. A Juniper Research report on online payment fraud trends estimated that digital card-not-present (CNP) fraud, one of several fraud categories, will reach $130 billion by 2023. Considering these two statistics, and keeping in mind that CNP is just one of many categories of fraud, it can be concluded that, at a minimum, ten percent of sales will be lost due to fraud.

It’s also been reported that fifty percent of all companies have already been victims of fraud in the last two years. The victims span a wide range of industries and markets, with some of the most significant losses impacting the energy sector, professional services companies, manufacturing, construction, insurance, tech, and more.

There is one thing in common with all these data points: the risk of fraud continues to trend upward. Previous solutions, while helpful, are not adequately addressing the need to identify data theft and fraud. This calls for more creative and advanced ways to address the threat. The future requires the integration of artificial intelligence, machine learning, and advanced methods like user behavior analytics to enable more predictive threat detection and management.

“Card not present fraud (CNP) will reach $130 billion by 2023” – Juniper Research

Overview of data theft and fraud

Digital fraud and theft are forms of cybercrime that involve creative attack tactics and deception, often for financial or personal gain, to steal valuable assets from an entity. Digital fraud can be targeted at a variety of groups and industries. To an individual consumer, digital fraud is often realized in the form of identity theft where attackers use their information to open new credit card accounts, file fraudulent tax returns, and more.

Corporations may be impacted by fraud in many ways. A few popular examples include business identity theft, executive or employee impersonation, or insider threats stealing from the company. Fraud trends also vary based on the industry, and no one area is exempt. Here are a few examples of fraud across popular sectors:

Common culprits behind digital fraud and data theft

Fraudsters come from different parts of the world but often have similar motivations. Here are a few common threat actor profiles:

  1. Hacktivists: These are groups who gain unauthorized access to a computer system in order to carry out disruptive actions as a means of achieving political or social goals. For example, hacktivists may commit fraud to deplete the target’s budget or negatively impact their reputation for political or social gain.
  2. Insider Threats: The Department of Homeland Security defined an Insider Threat as a current or former employee, contractor, or other business partner (third parties) who has or had authorized access to an organization’s network, system, or data and misused that access to negatively affect the confidentiality, integrity, or availability of the organization’s information or information systems. These threats could be malicious or non-malicious. For example, a malicious Insider Threat committing fraud may be an employee who submits fake business expense reports to collect unauthorized payments from your company. A non-malicious Insider Threat enabling fraud could be an unsuspecting employee who receives a fake request for an odd payment from an attacker impersonating your CFO. Instead of double-checking that the request is legitimate, they may make the payment right away under pressure. According to a 2019 Raconteur Report, the average annual cost of Insider Threat attacks increased by 15% in just one year.
  3. Cyber Criminals: Often financially motivated, these are malicious individuals who attack companies using different social and technical hacking techniques to benefit from the attack financially. For example, this could be a malicious attacker who hacks into a company’s network to redirect payments to a fraudulent account accessible by the attacker.
  4. Advanced Persistent Threats: As described by CSO, this is an attack often executed by criminals or nation-states with the intent to steal data or surveil systems over an extended time period. The attacker usually has a specific target and goal, has spent time and resources to identify the vulnerabilities they can exploit to gain access, and has designed an attack that will likely remain undetected for a long time. Advanced persistent threat attacks often include highly customized malware. Attackers usually seek to steal government or industrial secrets, and their motive is often either financial gain or political espionage.
  5. Script Kiddies and Generalists: These are individuals who may not have strong programming knowledge and use existing software or attack services to launch an attack. Hacks may also happen “accidentally” or out of curiosity. For example, a novice hacker may, out of curiosity, try hacking into your bank account without the intention of stealing anything.

The average annual cost of insider threat attacks increased by 15% in just one year.

Advanced data theft and fraud detection overview

Detecting data theft and combatting digital fraud in today’s cyber climate requires new and advanced approaches. The keywords for next-generation solutions in this space are machine learning, artificial intelligence, and predictive threat detection.

AI and machine learning

Artificial Intelligence is an umbrella term that is often used to describe the evolution of “smart” technology. AI enables systems to mimic the natural human model of thinking. Machine learning, one of many methods used to build AI, leverages data and patterns to replicate human behavior with limited human direction. Essentially, the machine can learn from transactions over time and dynamically adapt responses. When you apply these concepts to data loss and fraud detection challenges, great strides can be made towards proactively improving security.

Predictive data loss and fraud detection

Solutions like Veriato Cerebral that incorporate predictive analytics, AI, and machine learning can discover data loss or fraud attempts before they happen. Just as an advanced surveillance system might show a burglar walking up to the back door of your home, these solutions can predict and alert that someone may be planning an attack soon. Also, when the relevant context is taken into consideration, the analysis can shed light not only on what might happen before the threat becomes active but also on what could happen after. Further, advanced solutions can execute this analysis at a rate that is virtually impossible for human beings to deliver. AI has the power to find a malicious “needle” in an entire haystack of transactions and activities on your network.

Benefits of embracing next-gen approaches to fraud detection

  • Find anomalies effectively: With next-gen solutions, you can actively leverage supervised machine learning algorithms to train and teach models to quickly detect fraud attempts. These algorithms can self-learn from targets within the data, flag anything that goes beyond what’s considered normal activity, and then apply this knowledge to new and unseen data.
  • Intelligently evaluate risks: Advanced solutions allow you to combine supervised and unsupervised machine learning into a single fraud detection and prevention rating that can help better identify anomalies in evolving data. An example is user behavior analytics (UBA). UBA takes into account specific user transactions and the additional context to detect anomalies and come to intelligent conclusions on the level of risk. This method is especially helpful when attackers are creatively trying to evade traditional detection methods. Unsupervised machine learning provides an added benefit here, as it uncovers potentially suspicious risks you might not think to look for, since it works and adapts without necessarily being given a target.
  • Continually improve, efficiently: AI-backed fraud detection solutions empower you to take advantage of available big data and insights within your company to scale machine learning algorithms and continuously improve the accuracy of these solutions, as described by SAS Security Intelligence Practice.
  • Speed up and streamline investigations: With the right solution, you’ll have the data and records you need to investigate quickly when a breach does happen.
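The following is an added illustration of the UBA idea described in the list above, not code from the article or from any product it names. It scores today's activity against each user's own baseline and then weighs in context; it uses a simple median/MAD statistic rather than a trained machine-learning model, and the user names, history values, context flags, weights and thresholds are all constructed assumptions.

```python
from statistics import median

# Constructed sample data: files copied per working day by each user.
HISTORY = {
    "alice": [12, 15, 11, 14, 13, 12, 16, 14, 13, 15],
    "bob": [220, 240, 210, 260, 230, 250, 225, 245, 235, 255],
}

# Hypothetical context weights; a real deployment would tune these.
CONTEXT_WEIGHTS = {"after_hours": 1.5, "removable_media": 2.0}


def robust_z(history, value):
    """Deviation of value from the user's own baseline. Median and MAD are
    used so that a few past outliers do not inflate the baseline."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    scale = 1.4826 * mad if mad else 1.0  # 1.4826 * MAD approximates a std dev
    return (value - med) / scale


def risk_score(user, files_copied, context=()):
    """Behavioural deviation multiplied by the weight of each context flag."""
    z = max(0.0, robust_z(HISTORY[user], files_copied))  # only unusually high volume
    multiplier = 1.0
    for flag in context:
        multiplier *= CONTEXT_WEIGHTS.get(flag, 1.0)
    return round(z * multiplier, 2)


def risk_level(score):
    """Map a score to a triage level (thresholds are assumptions)."""
    if score >= 10:
        return "high"
    if score >= 3.5:
        return "medium"
    return "low"


if __name__ == "__main__":
    # The same volume is routine for bob and far outside alice's baseline.
    for user in ("alice", "bob"):
        s = risk_score(user, 240)
        print(user, 240, s, risk_level(s))
    # A small deviation becomes notable once context is added.
    s = risk_score("alice", 18, ("after_hours", "removable_media"))
    print("alice", 18, s, risk_level(s))
```

A fixed threshold on file count would either miss the first user or flag the second every day; the per-user baseline is what separates the two.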

Examples of solutions already reaping the benefits of next-gen tools include transaction fraud detection technology leveraged in the finance and banking industry, email fraud detection technology, user fraud detection capabilities such as CAPTCHA, and next-gen data loss prevention or insider threat detection technology like Veriato Cerebral. Cerebral is an AI-powered security platform that integrates User Behavior Analytics (UBA) with User Activity Monitoring (UAM), allowing rapid Data Breach Response and reduction of cyber risk.

Avoiding common pitfalls with a holistic approach

Technology is critical, but it’s not all that matters. Making your data theft and fraud detection efforts a success requires more than a focus on technology. Some of those best practices for data theft and fraud detection include focusing on processes, policies, and standards that prevent both internal and external parties from committing or enabling fraud.

People: Focus on empowering people to reduce the risks of data theft and fraud. This starts with how you hire employees and contractors. Be sure to evaluate whether their morals and values align with the way your company operates, conduct background checks, and ensure you aren’t opening your company up to threats by hiring high-risk individuals. Train employees and contractors and ensure they are aware of the actions they must take to protect your company, and have an established process where suspected fraud can safely be reported. This is especially important in Insider Threat Detection. Lastly, promote and maintain a corporate culture that embodies high moral standards, ethics, and integrity.

Process: Create policies and standards. Having clear expectations and guidelines can help eliminate gray areas that employees may be unsure about. Make moral dilemmas and decisions more straightforward for employees by providing documented guidance they can reference. Also, create processes and standards around technology selection and system development that provide minimum requirements for preventing fraud. For example, a standard measure to help prevent fraud could be that no one employee should have end-to-end control over a payment process. The standard can require that specific technical controls be implemented in the system to ensure this requirement is enforced.
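One way such a technical control could look, as an added example that is not from the article: a preventive check that refuses a workflow step when it would give one employee every step of a payment, and a detective check that finds payments where this has already happened. The three-step workflow, the audit-log layout, the payment ids and the employee names are constructed assumptions.

```python
from collections import defaultdict

# Assumed payment workflow; each step should not all fall to one person.
REQUIRED_STEPS = ("request", "approve", "release")

# Constructed audit trail: (payment_id, step, employee)
AUDIT_LOG = [
    ("PAY-1001", "request", "dana"),
    ("PAY-1001", "approve", "lee"),
    ("PAY-1001", "release", "sam"),
    ("PAY-1002", "request", "dana"),
    ("PAY-1002", "approve", "dana"),
    ("PAY-1002", "release", "dana"),
    ("PAY-1003", "request", "lee"),
    ("PAY-1003", "approve", "lee"),
]


def may_perform(log, payment_id, step, employee):
    """Preventive control: deny the step if, together with what this employee
    has already done on the payment, it would cover every required step."""
    done = {s for (p, s, e) in log if p == payment_id and e == employee}
    would_cover = done | {step}
    return not would_cover >= set(REQUIRED_STEPS)


def end_to_end_violations(log):
    """Detective control: payments on which one employee performed every step."""
    steps_done = defaultdict(set)
    for payment_id, step, employee in log:
        steps_done[(payment_id, employee)].add(step)
    return {
        pid: emp
        for (pid, emp), steps in steps_done.items()
        if steps >= set(REQUIRED_STEPS)
    }


if __name__ == "__main__":
    print(end_to_end_violations(AUDIT_LOG))                      # past violations
    print(may_perform(AUDIT_LOG, "PAY-1003", "release", "lee"))  # denied
    print(may_perform(AUDIT_LOG, "PAY-1003", "release", "sam"))  # allowed
```

The preventive check belongs in the payment system itself, while the detective check can run over exported audit logs to confirm the control is actually holding.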

Picking a solution for your company

The right solution for you depends on a variety of factors, including the risks to your organization, size, the complexity of your operating environment, and other considerations. No matter how large or small your company is or which route you pick, a layered defense is the best defense. When it comes to advanced data loss and fraud detection, at the very least you should be able to watch and monitor activity happening in your environment, analyze it intelligently with the right context, proactively alert on what matters, investigate, and be empowered to take quick action.

Advanced approaches also take into account the user element of cyber risk, making Insider Threat Detection a critical component of your fraud strategy. Check out Veriato Cerebral to learn more about managing fraud, data loss, and Insider Threats at your company.

About the author

Dr. Christine Izuakor
Dr. Izuakor is the Senior Manager of Global Security Strategy and Awareness at United Airlines where she plays a critical part in embedding cyber security in United’s culture. She is an adjunct professor of cyber security at Robert Morris University, and independently helps corporations solve a diverse range of strategic cybersecurity challenges.
