Staying ahead of the next cyber attack is no game

Catching a perpetrator before an attack is key to stop any crime spree. But it’s not as easy as it sounds when the perpetrators of cyber attacks are becoming more sophisticated and highly collaborative.

Cyber crime has been named one of the greatest threats to banks, with attacks ranging from politically motivated to targeted attempts to crack financial institutions’ systems.

Earlier this year for example, it was discovered a global cyber crime ring stole US$45 million from two banks by hacking into credit card processing firms and withdrawing money from ATMs in 27 countries.

Banks haven’t failed to notice the threat, and have held recent simulated attacks to test their defences. The Bank of England recently monitored Operation Waking Shark 2, to assess the UK financial services sector’s ability to withstand an online attack, for example.

Financial institutions are also turning to big data to arm themselves against cyber crime. Until recently, the debate around big data has mostly revolved around the opportunity for banks to better understand customers’ needs, but the potential uses of data are endless.

Defence shift

Steve Durbin, vice president at Information Security Forum (ISF) , an independent organisation comprising of companies worldwide, including banks, says data analytics can help identify modern malware and attacks that rely on stealth and the element of surprise.

“With big data, banks can take information from multiple different sources and look for patters and trends. In traditional analysis you might be restricted to your own computing power. You might just have to look at what you’ve got.”

Cyber crime has evolved over the years. When internet banking became prevalent, fraudsters only needed usernames and passwords to break through the systems. But as authentication controls improved, cybercriminals were forced to take a different approach. Trojans, hacking programs that gains access to an operating system, and malware became more common.

Eric Thompson, IT threat strategist for Silver Tail, a software that collects and analyses real-time data from website traffic to provide intelligence, says automated attacks have led to a shift in the way banks are tackle cyber crime.

“Traditional controls, where we identified a method that a group of fraudsters were using, has a limited time frame of success and effectiveness,” he says. “Big data gives a continuous opportunity to learn what they are doing as they do it.” However, Thompson says use of big data to counter cyber crime is still in progress, with each bank managing their risk differently.

“There is a shared consensus across the industry that there is value in big data, but the investment decisions to actually deploy these types of controls are being taken on a bank-by-bank basis.

“Larger institutions that are suffering the impacts of cyber crime have been using big data for about two years, while the smaller organisations are still catching up.”

According to ISF’s Durbin, banks using big data to detect fraud are reluctant to talk about it to avoid revealing what they are able to do. But the use of big data analytics in financial institutions has yet to reach the same degree as in law enforcement.

“It’s still early days, and of course, security departments and large financial institutions are having to cope with a variety of different issues, not least the whole migration of legacy systems to new environments, and demands that are placed upon them through regulation.”

How it works

Thompson says the key to using big data to detect fraud is looking out for a deviation from the norm. “The product is tapped into the bank’s network, so it’s constantly monitoring the data going back and forth between a user and the organisation, for example when a user logs onto her account.

“At each step, you can look at what the user is doing and the context around it. How did they get where they are? What else is happening on the same account at the same time? How quickly are they moving from one place to another?”

Banks then have an alert mechanism integrated to a case management system.

Thompson says adopting big data for cyber crime is a big investment however, with banks needing the talent to manage the large data sets.

“It’s not necessarily an increase in staffing; it’s a re-assessment of the talent that is required to manage the data.”

Regardless of the growing adoption of big data for cyber crime, Durbin says data analytics is only part of the solution.

“A lot of it is about collaboration across industry groups and also with law enforcement and governments. Big data analytics is one of the tools that people can use, but it’s not just one silver bullet,” he says.

“There is also room for some of the traditional methods in terms of identifying and tracking back through online fraud systems to establish the root of where the attacks are coming from.”