Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Networking

    Cyber-Fraud Trends, Defenses Debated at Cyber-Defense Summit

    By
    Fahmida Y. Rashid
    -
    September 15, 2011
    Share
    Facebook
    Twitter
    Linkedin

      Cyber-crime continues to flourish as perpetrators continually evolve new attacks and scams to compromise users and steal money and information, but there are certain things enterprises can do to protect themselves, security experts said at a cyber-defense summit.

      Financial cyber-fraud, insider threats to corporations, risk assessment and the costs of cyber-crime were some of the topics covered at the New York Metro InfraGard Cyber-Defense Summit in New York City on Sept. 14. The event focused on current threats facing organizations and providing information on how to prevent future occurrences.

      Some types of cyber-fraud such as identity theft, and check and payment card fraud have been declining since 2006, said David Nelson, a specialist with the Federal Deposit Insurance Corporation’s Cyber-Fraud and Financial Crimes section.

      The decline is partly a result of the improvements financial institutions have made in their security practices such as implementing new anti-fraud technology, said Nelson. Increased adoption of regulations, such as the Payment Card Industry Data Security Standards (PCI-DSS) and the guidelines from the Federal Financial Institutions Examination Council (FFIEC), have helped financial institutions secure customer accounts from theft. Organizations are also sharing more information with each other and law-enforcement agencies, making it much easier to recognize fraud and investigate incidents.

      However, criminals are innovative and flexible, so instead of giving up, they’ve switched targets, according to Nelson.

      Online account takeover attempts have been increasing each year, with estimated losses approaching $114 billion in 2010. Attackers are relying on various social-engineering tactics to trick users into clicking on a phishing or spear-phishing email, opening an attachment containing a malicious Adobe document or opening a link posted on the social networking sites, said Nelson. More than half of all wire-fraud activity tends to be initiated by attackers after compromising an online bank account, he added.

      Contrary to popular belief, the money is not going straight to China, Korea or another international destination. In fact, domestic transfer accounts for 40 percent of fraudulent wire activity, with funds being transferred to other institutions around the country, such as New York City.

      The good news is that banks are winning for the time being, said Nelson.

      Losses from online bank account takeovers in the first quarter of 2011 were nearly half the losses in the fourth quarter of 2010. Financial institutions were doing a much better job stopping fraud in the first quarter, as only 27 percent of incidents went undetected, compared with 40 percent in the fourth quarter of 2011.

      It’s not just banks that are uncovering incidents, as customers, vendors and service providers and law enforcement are also vigilant and reporting fraud.

      Many banks and credit unions have implemented multiple layers of security controls, deployed virtual browsers that cannot be easily compromised to their customers for online banking and installed anomaly-detection systems on their network, according to Nelson. Customer education and awareness programs are also having an effect.

      These are “controls that are working” and should continue to be deployed, said Nelson. However, organizations need to continue monitoring and assessing risk.

      A recent study from the Financial Services Information Sharing and Analysis Center found that financial institutions are doing a better job of stopping funds from leaving the institution even after the cyber-criminal creates the fake transaction. In 2009, financial institutions managed to stop funds from actually being transferred only 20 percent of the time. The number rose to 36 percent in the first six months of 2010, the survey found.

      Larry Ponemon, founder of the research firm Ponemon Institute, discussed his organization’s cost of cyber-crime study that was released early August. The study, found that the median cost of cyber-crime for a benchmark sample of organizations was $5.9 million per year, a 56 percent increase from the median reported in July 2010.

      All industries fall victim to cyber-crime, including malware, Web-based attacks, botnets and stolen devices, according to Ponemon. Information theft was the biggest external cost, and recovery and detection activities were the biggest internal cost, the study found.

      Organizations should be “vigilant” about new risks but should not forget about “old problems,” said James DeFalco, an examining officer with the Federal Reserve Bank of New York. Unpatched or forgotten machines are likely to be infected first and allow attackers to conduct attacks from inside the firewall, according to DeFalco.

      Avatar
      Fahmida Y. Rashid

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×