BayPay Forum

Profiting from Mobile Banking Security: Drive Market Share and Adoption by Inspiring Customer Confidence

Category: Security News

Black Hat, Data Breach, Events

Presented by New York Fraud & Breach Prevention Summit • 30 Minutes

Mobile banking is the highest margin channel for your financial institution. It provides your organization with the profitability and customer engagement you have been seeking for decades. Your customers are eager to adopt this channel, as 68% of them view it as the primary way they will bank within 2 years; however, customers overwhelmingly cite a lack of security as their biggest barrier to mobile channel adoption. Fortunately, with evident security measures in place, the vast majority of consumers report they would use mobile banking and payments. So, by taking steps to protect both your institution and your customers you also benefit from:

  • Increased customer confidence in mobile banking through a well communicated security program;
  • Higher market share through a secured and differentiated mobile banking service;
  • Higher adoption of mobile banking amongst your current customers;
  • Higher usage of high-margin mobile services like mobile bill pay, remote deposit capture, and mobile payments.

This session will highlight the prolific growth of mobile banking threats and the danger that these attacks pose to both your institution and your customers. The FFIEC recently issued guidance on how to keep these threats, including malware, jailbreaking/rooting, insecure networks and unencrypted data, from exposing your customers, accounts and transactions to mobile banking fraud. The session will also examine the best practices, including the FFIEC recommendations, for securing mobile devices and applications so a financial institution is able to provide its customers with the convenience, security, and confidence they demand.

Operational Efficiency, Authentication & Fraud Analytics

Category: Security News

Data Breach Prevention and Response Summit, Events, Fraud

Presented by New York Fraud & Breach Prevention Summit • 30 Minutes

Fraudsters are increasingly enhancing their schemes to make detection by traditional fraud models more difficult, and these shifting fraud patterns ultimately result in institutions continuously having to allocate additional resources. Furthermore, fraud operations and investigations are faced with a constant flux in the volumes of caseloads and the types of investigations required. Organizations need a proactive strategy to effectively and efficiently identify and mitigate fraud risks, enhance client experience, reduce fraud losses and fraud cost, adhere to regulations and combat terrorist financing.

Advances in technology, authentication methods, and analytics over the past two years have led to the creation of a potential toolkit to combat this fraudulent trend, but it also presents a new challenge to financial institutions. How do they select and incorporate those technologies as part of a rationalized prevention and detection approach? Leading institutions will utilize multiple authentication methods such as biometrics, device fingerprinting, soft tokens and other methods as part of a holistic real-time, risk-based, cross-channel/product approach, thus reducing user interaction friction, increasing prevention and detection capabilities, and optimizing operation costs.

This session will highlight key elements to optimize fraud detection and prevention, including:

  • Increasing operational efficiency and enhancing client experience;
  • Building flexible and scalable operating models;
  • Enhancing authentication across channels and customers, while maintaining the customer experience;
  • Increasing effectiveness of fraud monitoring and analytics;
  • Moving toward a more holistic risk-based approach to managing fraud and financial crime.

Analyzing the Global Cybersecurity Skills Shortage

Category: Security News

The global shortage of experienced cybersecurity professionals is a serious problem that makes fighting emerging cyber threats challenging, says training expert Simone Petrella.

In a recent survey of 775 IT decision makers in eight countries, conducted by Intel Security in partnership with the Center for Strategic and International Studies, 82 percent of respondents said their organizations are struggling with a shortage of staff with cybersecurity skills.

Some 71 percent of those surveyed cited the shortage as responsible for direct and measurable damage to organizations whose lack of cybersecurity talent makes them more desirable hacking targets.

Respondents estimated an average of 15 percent of cybersecurity positions in their organizations could go unfilled through 2020. And more than half of respondents believe that the cybersecurity skills shortage is worse than talent shortages in other IT professions.

Among the issues contributing to the current shortage is a mismatch between skills and emerging cyber trends, says Petrella, chief cyber strategy officer at education services provider CyberVista, who analyzed the survey results.

"For many years, when we consider security, the focus has been on defending our perimeter, like defending the walls of a castle," she says in an interview with Information Security Media Group. "But the skills that are actually required ... [are] significantly more advanced levels of data analysis, technology skills, technical analysis and understanding of malware."

In the interview, Petrella also discusses:

  • Tips for mainstream IT professionals who want to transition into cybersecurity roles;
  • Advice for CISOs and other security leaders who are having difficulty in finding new staff members with the skills they need to keep up with emerging cyber threats;
  • Why many organizations need to pay more attention to retaining cybersecurity talent;
  • Cyber skills challenges faced by highly regulated industries, including healthcare.

Before joining CyberVista, Petrella, an attorney, was a senior associate at Booz Allen Hamilton, where she helped build the firm's cyber fusion center. She also led the firm's cyber threat intelligence business in the national security and defense sectors.


Social Media Plays Key Role in Bank Fraud

Category: Security News

Swindlers trolling social media sites for customers' personally identifiable information play a critical role in facilitating banking fraud, says economist Jane Yao of the American Bankers Association.

"We're seeing increased activity in social media sites," Yao says of the fraudsters. "Those activities ultimately will lead to a fraudulent transaction. If we can capture that information and provide some early warning to the account side, I think that's going to be very helpful information" to battle fraud.

In the interview at Information Security Media Group's Fraud & Breach Prevention Summit in New York, Yao:

  • Describes how financial institutions can help call centers beat fraud;
  • Discusses the decrease in counterfeit fraud losses as card-not-present fraud rises; and
  • Explains why new technology solutions don't always result in an immediate decrease in fraud.

Yao is senior vice president, benchmarking and survey research, in the ABA's office of the chief economist. She has been with the trade association for more than 31 years. She received a Ph.D. in economics from the University of Maryland.


Russia Claims It's Victim of Cyberattacks

Category: Security News

Anti-Malware, Breach Notification, Breach Response

Nation Often Blamed for Hacks Offers Details on Breaches It Claims It's Suffered

Jeremy Kirk (jeremy_kirk) • August 3, 2016

Russia often loses the public relations battle when it comes to hacking. It, along with China, is blamed so often for intrusions into Western organizations that it's almost a foregone conclusion when discussing sophisticated cyber spying.

But on July 30, Russia took a swing back, saying it, too, has been the victim of a coordinated hacking campaign. The country's Federal Security Service says it has discovered malicious software that infected 20 organizations.

The FSB, which did not indicate who it suspects is behind the attacks, says the targets included public authorities as well as scientific and military institutions. Malware was developed for each specific victim, which was then distributed through malicious attachments in emails, according to the FSB. The malware monitors network traffic, turns on a web cam or microphone and records keystrokes, the agency says.

The Russian-language news release was at best a feeble response to weeks of unending media coverage that has implicated Russia as potentially responsible for the compromises of various Democratic Party systems in the U.S. (see Clinton Campaign Reports Breach). Russia has officially dismissed accusations that it coordinated the release of more than 19,000 internal Democratic National Committee emails that threw the party into turmoil.

But the press release is likely the first time the Russian government has provided such specific details concerning a coordinated cyberattack against organizations in the nation, says Alexey Muraviev, head of the social sciences and security department at Curtin University in Perth, Australia. Until now, the FSB - the country's FBI-equivalent in charge of counterintelligence - and other Russian security agencies have been far more clandestine about such matters than Western agencies, Muraviev says.

"Clearly, the Russians want to demonstrate they are as much of a victim of cyber warfare as anyone else," Muraviev says. "It's very unusual for them to really promote and publicize evidence that they collect."

Western Bias?

The hacking of three entities - the DNC, Hillary Clinton's campaign and the Democratic Congressional Campaign Committee - has raised the prospect that a foreign power might be attempting to influence the U.S. presidential election using stolen data.

Speculation about who's responsible for the recent Democratic Party hacks has been fueled, in part, by research from CrowdStrike, which investigated the DNC compromise.

In recent years, CrowdStrike, Trend Micro, Palo Alto Networks and many other Western security companies have released detailed reports on so-called advanced persistent threat groups.

Drawing on technical data from cyberattacks seen against those companies' customers, the reports have a strong Western tilt. So it's not surprising that adversaries of the West, such as Russia and China, are prime suspects in many cyberattacks. The computer security industries in Russia and China, on the other hand, have rarely accused the West of hack attacks, showing a lopsided view of nation-state hacking, says Jeffrey Carr, CEO at cybersecurity firm Taia Global.

"We never see any APT groups that are assigned to western nations - U.S., the U.K., Germany, Israel," Carr says. "When you look at these spreadsheets that list all of the different threat actor groups, you only see ones from certain countries and you see zero from other countries. This, to me, points out a serious flaw in how we are mapping the threat landscape."

The Exception

There has been one exception among vendors: Kaspersky Lab. The Russian-based anti-virus vendor published research in February 2015 on a hacking collective it calls the Equation Group that seems to link to the West.

The Equation Group's exceptional technical capabilities caused Kaspersky Lab to dub it the "god of cyberespionage." The group, for example, engineered a tool that allowed it to reprogram the hard drive firmware of more than a dozen manufacturers, an impressive effort that could have only been the project of a government, Kaspersky claims.

Kaspersky concluded the Equation Group also had access to the same zero-day vulnerabilities that were used to spread Stuxnet. That malware sabotaged Iran's uranium centrifuges by sending destructive commands to industrial control systems. Stuxnet is believed to have been a joint project between the U.S. and Israel, but neither country formally claimed responsibility.

Kaspersky's strong ties with Russia may have made it less reluctant to keep its findings secret. The company never tagged the Equation Group to a country, but its capabilities and targets left few suspects. Many speculated the group is part of the U.S. National Security Agency. The U.S. has acknowledged developing an offensive cyber capability, which it contends is a crucial component of national security.

Taia Global's Carr has often criticized how security companies attribute cyberattacks to countries, arguing that there is often a lack of definitive technical evidence. CrowdStrike says it believes the hacking groups responsible for recent hacks against the Democratic Party may be affiliated with Russia's FSB and GRU, a military intelligence unit. Unless U.S. intelligence agencies, which have much deeper reach than private companies, confirm the findings, they're just an assumption that could have a deep impact on foreign relations, Carr contends.

But the FSB announcement about recent cyberattacks against Russian institutions may be a sign that Russia is no longer going to be quiet about such intrusions - particularly those it suspects come from Western governments - in an effort to show that hacking goes both ways. "It makes perfect sense that this would be a tit-for-tat disclosure," Carr says.

