Sharing insider threat indicators: Leveraging SWIFT's messaging platform to combat cyber fraud
Cyber actors are operating under a shared services model giving them access to infrastructure, tools, targets and the ability to monetize their exploits. As a result, organizations across industries must enhance communication channels to share threat information in order to preempt cyber fraud schemes. This requires both an ability to identify the patterns of behavior that indicate cyber fraud activity is occurring and a platform for communicating potential threat information. This research has identified threat indicators of insider behavior to steal sensitive information, trade secrets and perform possible cashout activity indicative of cyber fraud. The findings of this research also indicate member organizations of SWIFT can use the existing SWIFT telecommunications platform to communicate the identified threat indicators, which could warn of cyber fraud activity.