By Terence Devereux
Originally published by Credit Union Times
While there is no specific definition for cybercrime, the general understanding is that it is any crime committed or facilitated via the Internet. The Internet has revolutionized the way people, companies and financial institutions perform their day-to-day business, while criminals have found ways to exploit this anonymous, borderless and virtual environment.
The so-called “dark web” has been instrumental in the growth of the cybercrime sector. Its anonymity makes it easier for criminals to share, learn, sell and even trade techniques, attack vectors and vulnerabilities. There is even evidence of a malware marketplace where cybercrime-as-a-service is offered, with competition among malware vendors driving innovation. Cybercrime has evolved to such an extent that, according to an Intel Security-commissioned study, it costs the global economy an estimated $400 billion, with approximately 400 million victims and a $113 billion cost to consumers per year.
Cybercrime can be combated with a variety of approaches, but the security industry has introduced one approach favored by organizations and law enforcement agencies alike: intelligence-driven security with fraud-prevention approaches using behavioral analytics. Intelligence-driven security provides a layered security or holistic model to protect corporations, brands, systems, people and data. Meanwhile, behavioral analytics deliver security based on anomaly detection, which is the capability to sift through large amounts of information (communication, interactions, transactions, etc.) and identify patterns that do not conform to those statistically expected. Typical examples of such behavior anomalies would be network perimeter breaches, unwarranted escalation of privileges, replacement or installation of malware, harvesting of sensitive corporate information and transmission of harvested data across irregular channels.
Behavioral analytics-driven security is where the behavior of devices, people, systems and applications is used to identify anomalies, protecting IT ecosystems, users and data alike. Even if attacks can’t be blocked completely, having access to the right intelligence accelerates detection, significantly reducing the attacker’s window of opportunity and minimizing the potential for loss or damage.