Enterprise threat and risk monitoring delivers the rewards without the risk.

Author:Henry, Reed
Position::Infosecurity Europe 2010

Businesses are in a precariously risky situation these days. Cyber criminals have evolved their skills and techniques to such an extent that they can breach the four walls of any company at will. Today's cyber attacks are well organised, sophisticated, and targeted, not random, aimed at specific businesses or organisations seeking to steal valuable information for resale or fraudulent use. The 2008 RBS WorldPay incident is a good example o] such an attack. First, ATM account credential information was stolen from a hacked computer system, and then used to make counterfeit ATM cards. Then over a few hour period US$9 million was taken from 2100 ATMs in 280 cities across three continents, leveraging a well-organised group of cashiers spread across the world.

According to one report the revenue generated by cyber criminals approaches US$ 1 trillion annually--it is big business. This new breed of criminal congregates anonymously in underground chat rooms where they can find similarly minded criminals who have particular specialties useful for a particular heist. There are specialists who focus only on producing and supporting malware and various exploits such as phishing and those who offer resources for rent such as botnets or hackers. After the data is stolen the cyber criminal will either sell the information to others who will monetize it through some fraudulent scheme or the criminal will directly attempt to cash it out. Cashing it out involves another set of players, cashers, who then take their cut. The cashers recruit and organise mule bank accounts for wire transfers and the street-level cashers, who withdraw cash from ATMs. With this loosely-coupled and anonymous yet well-organised group of players a cyber criminal can attack any size institution from the largest bank to a neighbourhood insurance agent for a token investment ranging from a few hundred to a few thousand pounds.

So what are businesses doing to ready for the day when they are singled out? Well, for the most part, nothing. Businesses are complacent with the security risks they face. This complacency is businesses' biggest threat and risk. Their energies are focused elsewhere on completing the ten plus year-old business digitisation exercise of implementing ERP and business intelligence projects, and modernising legacy systems. A recent Gartner Group survey of CIOs confirms these technology priorities for the last two years running (2008-2009). So what is going on? These...

To continue reading