Cyber Criminals Have Evolving Tactics

Uploaded on 2016-03-08 in FREE TO VIEW, GOVERNMENT-Law Enforcement, NEWS-Cybersecurity News

The financial world should be bracing itself for what is set to be a big year for cyber-crime, according to ThreatMetrix's new report.  

ThreatMetrix's new report has come up with several new insights from the last quarter including the evolution of bot tactics to avoid the traditional defences of lenders and banks.

Online lending has become a major target for cyber-criminals and ThreatMetrix have seen record levels of fraud and bot attacks over the just the last quarter.

The quarterly report compiles data from billions of transactions conducted through the ThreatMetrix Digital Identity Network. Over a three month period, ThreatMetrix detected 21 million fraud attacks and 45 million bot attacks.

SCMagazineUK.com spoke to Dr Stephen Topliss of ThreatMetrix. Bot attacks are one of the newer, scarier threats; they've evolved to evade traditional layered security methods, often raising no alarms to even the best protected of organisations.

Bots have already been around for a long time but “historically the financial institutions and e-commerce have always felt reasonably well protected against them”. Companies would merely put up firewalls and put in place upstream defences. But, Topliss told SC, “bots are starting to change how they work”, becoming far more sophisticated than their predecessors.

‘Low and Slow' attacks are becoming far more popular when it comes to bots, avoiding the traditional security controls which are expecting a full on assault, not reconnaissance. Bots are “manipulating themselves so they're coming from many places, they're only trying to access one account once and testing and moving on so that actually those defences that are currently in place aren't catching them.”

In the wake of any number of headline grabbing breaches last year, the details of millions of people around the world are now cheaply available online in bundles of hundreds of thousands. Cyber-criminals, instead of just using them, are first testing them against a wide range of companies, just to see what they can get. They're not trying to commit fraud initially, Topliss told SC, but “just trying to narrow it down to a thousand credentials” that they can use maliciously.

These tend to be precursors to actual fraud, testing what credentials work on what accounts before going for the kill. On the back of that, identity has become a far more valuable commodity than it might have once been and has meant login attacks have increased considerably.

The biggest payoffs for cyber-criminals were seen in new account origination. Using the great wealth of personal details available for low prices on the darker corners of the internet, cyber-criminals have managed to rack up the largest sums by creating accounts in other people's names. These lucrative assaults have increased in number by 155 percent since last year and have grown in scale by nearly 200 percent.

One continuing theme is the changing nature of finance as lending moves online.

The growth of unorthodox lenders, like payday loan companies and peer-to-peer lenders, has provided consumers and enterprises with new ways of borrowing money, often avoiding the traditional credit checks of banks. It also offers to cyber-criminals a fertile area from which to profit. New account creation proved a very successful tactic for the ill-intentioned here, especially when compared to attacks against traditional lenders.

Topliss says attack rates "are much higher" against  unorthodox lenders on account of the sector's circumvention of traditional identity checks, emphasis on speed and efficiency and heavy focus on online services.

But “traditional banks are providing more and more online services”. Often, one can now apply for credit cards and loans over an online banking portal and increasingly, Topliss told SC, “what we're seeing now is loans and credit cards being [fraudulently] applied for online from existing customer accounts”.

While fingers are often pointed towards China, Russia and Brazil as the most common origins of international cyber-fraud, Topliss told SC that many of the fraud attacks on UK institutions come from inside the UK.

“Predominately it's an in-country attack initially”, says Topliss because "cash outs are easier within the country where the banks are located”.

The report bears this out, listing not China, Russia and Brazil as the principle origins of attack, but Germany, France, the UK and the US.

SC Magazine: http://bit.ly/1UERGm6

« A Cashless Society? Be Careful What You Wish For
Cool Job: Professor of Intelligence Analysis Program at James Madison University »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Competence Center for Applied Security Technology (CAST)

Competence Center for Applied Security Technology (CAST)

CAST offers a range of services in the field of secure modern information technology and a contact point for all questions regarding IT security.

MIT Internet Policy Research Initiative (IPRI)

MIT Internet Policy Research Initiative (IPRI)

IPRI's mission is to work with policy makers and technologists to increase the trustworthiness and effectiveness of interconnected digital systems

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA) offer commercial insurance services including Cyber Liability insurance.

BitSight Technologies

BitSight Technologies

BitSight transforms how companies manage information security risk with objective, verifiable and actionable Security Ratings.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

Bounga Informatics

Bounga Informatics

Bounga Informatics provides Digital Forensics, E-Discovery, and Endpoint Security software, hardware, and training in Singapore and other countries in Asia Pacific.

Adit Ventures

Adit Ventures

Adit Ventures is a venture capital firm with a focus on dynamic growth sectors including AI & Machine Learning, Big Data, Cybersecurity and IoT.

Lattice Semiconductor

Lattice Semiconductor

Lattice Semiconductor solves customer problems across the network, from the Edge to the Cloud, in the growing communications, computing, industrial, automotive and consumer markets.

Fusion Risk Management

Fusion Risk Management

Fusion Risk Management focuses on operational resilience encompassing business continuity, risk management, IT risk, and crisis and incident management.

ClearVector

ClearVector

ClearVector is a leading provider of realtime, identity-driven security for the cloud.

BaXian Group

BaXian Group

BaXian AG is an international consulting company specializing in IT security, data analytics, risk management and compliance.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Aiden Technologies

Aiden Technologies

Aiden simplifies your IT process, giving you peace of mind and security by ensuring your computers get exactly the software they need and nothing else.

Match Systems

Match Systems

Match Systems provides blockchain investigations, KYC, KYT, AML, Due Diligence and compliance services.

Accenture

Accenture

Accenture is a leading global professional services company providing a range of strategy, consulting, digital, technology & operations services and solutions including cybersecurity.

CSIRT-Gnd

CSIRT-Gnd

CSIRT-Gnd provides 24x7 Computer Security Incident Response Services to citizens, companies and government agencies in Grenada.