Connect with us
Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Technology

Spotting and Stopping Hackers

kroll

By E.J. Hilbert II, Managing Director Kroll Cyber EMEA

krollYou slip into your favorite coffee shop to escape the afternoon weather, enjoy some java goodness and use the free Wi-Fi to catch up on the latest gossip site, sports page or conduct a little online shopping. To your dismay, you are not the only person sharing that thought and the place is packed. Young and old, professionals and hipsters, the place is heaving and everyone is on their computer, iPad or mobile device and connected to the web. Just as you find a place to sit, plug in and surf the web, the police come rushing in and arrest four of the patrons. All four are different – young, old, male, female, professional and casual. And all are hackers.

Nowadays, any person who uses a computer to commit a crime such as stalking, stealing personal data, launching a computer virus or reading someone else’s emails is labeled a “hacker”.

The term “hacker” was once used solely to describe individuals who could gain entry into a computer system to either alter the system or remove data from it. A hacker was technically savvy, driven by the challenge of gaining entry. Any theft was primarily to prove their exploit, a souvenir if you will. Hackers generally hack for 5 reasons:

  1. Curiosity or ‘just because’- let’s take it apart and see how it works
  2. Reputation – to prove to others they can do it
  3. To steal something of value- for profit or to build their reputation, or both
  4. To steal services – hack company A to then hack Company B and cover their tracks
  5. It’s their job – they are paid to be a Thief, Bug Finder, Penetration Tester, Cyber Warrior or Cyber Spy

In the late 90’s as e-commerce developed, the financially motivated “hacker” also emerged. Most financial crimes, up until then, involved being physically involved in the theft of money, or credit cards, etc. Suddenly, they could steal money online by taking credit card data, making online purchases, scheduling deliveries and then selling the goods back online.

The financially motivated “hackers” are thieves and fraudsters committing the same crimes they have always carried out, but now the data comes from a computer rather than a filing cabinet or a desk or a purse/wallet. In many cases, the person who steals the data is not the main perpetrator running the fraud scheme. Instead, they are selling the data or are part of an organized team of criminals involved in converting the data into cash or covering their tracks.

As for “hackers” who attack corporations to obtain confidential information and cause reputational damage, be they insiders or external, the key is gaining entry. Once inside, they can do as they please. Sometimes the “hack” is simply being given an account with more access than they need, like giving them a key that opens every office and filing cabinet in the building.

More appropriate terms for “hackers” might be cyber criminals or cyber spies or even cyber warriors, but the term “hackers” sounds dramatic and scary, therefore all criminals who use computers are called “hackers.”

Now putting semantics aside, how do you spot and stop hackers?

Put simply, you apply the same methods as you would when spotting and stopping “ordinary” thieves.

Hackers, no matter what their motivation, need one thing to fulfill their mission. They need access to their victims’ computers and data. They get access by tricking people into providing information via various means such as sending intriguing emails to entice employees into installing password stealing software on their computers.

Once the criminals gain access, their aim is to get what they want and get out without anyone noticing.

Companies need to know what information they have on their systems, who has access to it, who is accessing it and for what purpose. The concepts are data visibility, access control, monitoring and data lock-down.

Just as a company has security guards monitoring the parameter of a building, checking ID’s, logging who enters and leaves the building and watching security monitors, the same precautions should be taken for data.

If Mary Jane is logged in from her work computer and the same credentials are used to log in from an external location, a red flag should immediately appear.

If Joe Smith is uploading or downloading a large amount of data for the first time, those responsible for data security should be alerted.

When an issue is discovered, an effective response plan needs to be activated to minimize the damage.
Unfortunately “hackers” are very adept at blending in to their surroundings and are therefore extremely difficult to spot. The solution to the growing problem of cyber-crime is to have a robust detection and response plan in place so you’re always one step ahead.

 

 

 

 

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking and Finance Review, Alpha House, Greater London, SE1 1LB, https://www.globalbankingandfinance.com/. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post