Bringing the fight to cybercriminals

  • Clayton Locke, Chief Technology Officer at Intelligent Environments

  • 12.04.2016 10:15 am
  • cybersecurity

Clayton Locke is responsible for technology strategy, development and delivery of the Intelligent Environments product suite. He does this passionately, leveraging a lean software development approach to build high quality software products for the company’s solid base of blue chip clients.

Despite an increase in information security spend, the unfortunate truth is that cyber-crime continues to grow – both in profile and in prevalence. According to the Office for National Statistics (ONS), there were 2.5 million cybercrimes committed in the UK in 2015. This includes breaches to big names such as Sony and TalkTalk – which was hacked three times in one year.

It’s not just major organisations that are suffering at the hands of cybercriminals though, it’s happening to ordinary people too. Our new research has found that one in five British consumers has fallen victim to cybercrime. Londoners are most likely to have been victims, with as many as 27 per cent saying they’ve been affected, while Norwich citizens are the second most likely at 23 per cent. While these proportions are worrying, one positive outcome we can draw is that such incidents are making us more concerned about our online security. The research shows Birmingham residents are the most concerned about cybersecurity, with 57 per cent of residents concerned their online banking details will be stolen. Newcastle is next at 52 per cent, and Edinburgh is third most conscious of cybersecurity at 50 per cent.

While these numbers seem concerning at the outset, the fact that awareness is so high is a good thing, particularly as regards personal banking data, which is a big target for online fraudsters. It’s therefore important that financial organisations respond to these concerns by taking greater action against cybercrime. Banks and financial institutions can play a much more active role in educating customers on how best to keep themselves and their financial information safe while they’re online. Our research shows that almost a third (30 per cent) say they would like their bank to offer advice about how to stay safe online.

There are a number of steps that financial institutions can take immediately to address consumer concerns. Introducing biometric security measures, offering advice on what to watch out for when making online purchases and helping customers better understand what to do when things go wrong will help improve cybersecurity awareness. To complicate matters, however, financial institutions need to be careful to balance improved security against user experience, since too many layers of additional security can make banking a difficult task, which will turn customers off.

Ideally, security should be built around the customer on an individual basis. A more progressive security approach could allow customers to select the security methods they want depending on the task they carry out. So, a balance check could be a simple fingerprint scan, while setting up a standing order to a new payee might also require a password and a memorable number, depending on how secure the customer wanted to make this process.

However, such an approach only addresses the perimeter. Biometrics, passwords and PIN numbers all represent a wall, and to a cybercriminal, a wall is something that can be scaled. Where minimal attention has traditionally been paid is picking up criminal activity within the perimeter, once the criminals have scaled the walls and are inside the premises. Given the sophistication of cybercriminals, we now need to look past the point of entry for hacking threats. Just as with building security where systems include alarm systems and sensors both at the point of entry as well as within the building, banks also need to focus on cybersecurity within the banking application itself.

To try and tackle the problem, our research team has developed ‘attack-aware’ software called AppSensor, designed specifically to tackle cybersecurity threats in the application tier. It works by monitoring user behaviour for inconsistencies, deploying software sensors at critical points in the banking application to detect valid users who are not using the system as expected. Such a system ‘learns’ patterns of behaviour that are normal for users, and can detect hackers who must probe the system to find weaknesses, thus exposing their presence because the hacker’s behaviour is not what a normal user would do. By knowing what the cybercriminal does when they break in, banks can monitor for this type of activity and sound the alarm when it happens again.
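An added sketch of the in-application sensor idea described above. It is not AppSensor's code or API: the sensor names, thresholds, responses and session fields are assumptions, and fixed rules stand in for learned behaviour.

```python
from collections import defaultdict, deque

# Hypothetical policy, constructed for this example:
# detection point -> (events allowed, window in seconds, response)
POLICY = {
    "ACCOUNT_NOT_OWNED": (1, 3600, "lock_session"),
    "AMOUNT_OUT_OF_RANGE": (2, 600, "require_reauth"),
    "STEP_OUT_OF_ORDER": (3, 600, "require_reauth"),
}

class Monitor:
    """Collects detection-point events per user and decides on a response."""
    def __init__(self, policy=POLICY):
        self.policy = policy
        self.events = defaultdict(deque)  # (user, point) -> event timestamps

    def report(self, user, point, now):
        limit, window, response = self.policy[point]
        q = self.events[(user, point)]
        q.append(now)
        while q and now - q[0] > window:  # drop events older than the window
            q.popleft()
        return response if len(q) >= limit else None

def handle_transfer(monitor, session, request, now):
    """Transfer handler with sensors at points a normal client never trips."""
    user, fired = session["user"], []
    # Sensor 1: the UI only ever offers the user's own accounts as source.
    if request["from_account"] not in session["accounts"]:
        fired.append(monitor.report(user, "ACCOUNT_NOT_OWNED", now))
    # Sensor 2: client-side validation already blocks these amounts.
    if not (0 < request["amount"] <= session["transfer_limit"]):
        fired.append(monitor.report(user, "AMOUNT_OUT_OF_RANGE", now))
    # Sensor 3: the confirm step is only reachable from the review step.
    if request["step"] == "confirm" and session.get("last_step") != "review":
        fired.append(monitor.report(user, "STEP_OUT_OF_ORDER", now))
    triggered = [r for r in fired if r]
    if "lock_session" in triggered:
        return "lock_session"
    if triggered:
        return triggered[0]
    if fired:
        return "reject"  # below threshold: refuse the request, keep counting
    session["last_step"] = request["step"]
    return "ok"
```

Each sensor sits behind a check the legitimate client already enforces, so an authenticated session that trips it is behaving unlike a normal user even though it passed login.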

Tackling the threat posed by cybercriminals is high up on the government’s agenda, as well as that of businesses and financial services institutions. It was announced last year that the UK government will be increasing its spend on cyber security to £1.9 billion in order to protect the country from potentially devastating hacks on a national scale by terrorists – a move that is likely to impact positively on the threat posed to UK consumers. Financial institutions need to follow suit, and declare war on the cybercriminals that are dragging the industry down.

In order for the financial services industry to continue the fight against cybercriminals, it must change its approach from a perimeter-focused solution to one that can detect and neutralise threats in real-time. Our new research helps demonstrate the extent of the problem. The sector needs to evolve, to start using technology that can anticipate and understand the difference between typical user behaviour and criminal behaviour and then have the capability to cope with threats in real-time. By doing so, we can bring the fight to the cybercriminals, and make both financial organisations and their customers safer in the process.
