BAE Systems Detica lists out the top 5 priorities in 2014 for organisations seeking to counter the growing threat from digital criminality.
1. Combating the convergence of cyber crime and financial crime
BAE Systems Detica foresees the rise of digital criminality as fraud becomes increasingly cyber enabled, with digital-savvy criminals using cyber and fraud techniques simultaneously to carry out far more complex crimes than ever before.
While organisations reap the benefits of moving to digital channels, criminals also recognise and understand the vulnerabilities of these channels. Cyber enabled financial fraud will be the most cutting-edge financial crime as we move into 2014, and financial institutions such as payment and card processors will be under sustained and sophisticated attack.
BAE Systems Detica anticipates that many organisations will seek greater integration of cyber and fraud functions internally to counter the threat; it will no longer be sufficient to rely on risk analysis on payment activity without taking into account cyber attacks on financial services payments platforms and networks. In 2014, successful organisations will halt major attacks by pooling together their understanding of cyber attacks and fraud. Others will continue to incur major losses by failing to do so.
2. Understanding the coming of age of intelligence-driven security
The matured enterprise security scenario is encouraging organisations to use cyber intelligence to tune their defences. Official sharing portals, research groups, specialist vendors, open-source and government information are some of the emerging sources. Trust relationships have built up in unlikely places, such as between industry rivals, where all parties acknowledge the benefits of sharing attack indicators. Crowd-sourced behaviour will boom in 2014 across the cyber defence realm.
In 2014, BAE Systems Detica expects to see a significant shift towards intelligence-driven security. Leading organisations will seek greater value from the sources available to them, looking to build efficiencies through technology and common language. Operationalising intelligence will be a key theme, as well as understanding the value that the distinct and varied information sources add. Organisations that can truly integrate security intelligence into their processes will reap the benefits, while focusing on the threats pertinent to each organisation will yield superior defence as well as enhanced awareness across the business community.
3. Handling the transition from espionage to sabotage and increasing attacks on industrial control systems
The growing cyber threat is asymmetric in nature, with attackers often able to act with far more agility than defenders. The year 2014 will see an increasing trend towards cyber sabotage, with attackers seeking to have a direct and overt effect on organisations and nation states’ critical infrastructure. Sabotage has always provided an attractive means for political groups or nation states to achieve advantage by undermining production or distribution capabilities. Sabotage is particularly appealing to these groups as it enables a small group to have a disproportionately large impact on a major entity such as a nation state.
Traditionally, industrial control systems have operated standalone with limited opportunity for remote attack. However, there is an increasing trend towards hyper-connectivity of such systems in order to drive operational efficiencies. This provides a new opportunity for sabotage to be conducted remotely and deniably through cyber space. Internet-connected industrial control systems will be under threat as hackers attempt to compromise the operation of power, utilities, water treatment and manufacturing plants.
4. Facing the collision of mobile threats and enterprise security
Significant events in the mobile threat space in 2013 included the emergence of kits for building mobile malware, cross-platform attacks, which could compromise both Windows and Android systems, Chinese dissidents being targeted with Android malware by espionage actors, and attacks on mobiles by cyber activist groups spreading propaganda messages.
Entering 2014, one observes that attacking mobile devices is rapidly becoming the new normal for many threat actor groups. This is happening at a time when enterprise environments are becoming increasingly reliant on mobile devices, either corporate-owned or through Bring Your Own Device (BYOD) schemes, in order to enable better user experience and efficiency. With security implications still unclear, this intersection of an active threat space and corporate networks will result in further incidents on par with more traditional cyber attacks.
5. Tackling the growing shift towards identity crime
The success of frontline surveillance and authentication to combat payments fraud and EMV will continue to push fraud to identity-based crimes. Bolstered by the cyber-enabled theft of customer data, an increasing part of payments and card fraud will be driven by identity-based schemes that use stolen and synthetic identities to take advantage of financial services firms’ push to acquire customers. This presents a complex problem for financial services firms that extends beyond transactional fraud to a network analysis challenge, as identify theft is typically perpetrated by coordinated gangs. The effects of this fraud are typically buried in credit losses, further complicating efforts to isolate and combat these fraud vectors. 2014 will see a concerted effort to combat identity crime.