A data breach occurs when a hacker penetrates into a data source and extracts sensitive information. This can be done physically by accessing a computer or network to steal local files, or by bypassing network security remotely.
By Sanjay Kaushik
Corporate frauds are a serious issue nowadays. Every day one can hear about one issue or the other in large to medium size firms and for smaller firms they seldom get reported in the media. These are interesting times for the corporate fraud investigating industry as their business has risen several fold but also has thrown up newer challenges with the changing profile of the fraudsters as well as the availability of cutting edge technologies and modus operandi they adopt.
Studies show that a typical fraudster today is identified as an internal employee, who is in his / her 30s, and is far from retirement. Younger employees deal with high level confidential data on companies as well as high profile individuals, or even their own company, and any bit of deviance from the laid out process can cost all very dearly – both in terms of money as well as reputation. Earlier one needed to physically come to your place to take your money or data, now someone sitting 1000 km away can steal your data at the click of a button.
A data breach occurs when a hacker penetrates into a data source and extracts sensitive information. This can be done physically by accessing a computer or network to steal local files, or by bypassing network security remotely. The hacker protocol typically begins with an examination of the company’s network before the attack, seeking out weaknesses in security to exploit. Once the hacker finds a weakness, he or she attempts to exploit it with either a network or social attack.
A social attack is when the hacker attempts to deceive employees into allowing him into the network, either by giving up passwords or opening malware in the system. A network attack is a direct attack on the computer system to attempt to infiltrate the network. As soon as the hacker is in and as long as they are undetected, he or she is free to search for useful data and extract if from the system. Social attacks involve tricking or baiting employees into giving access to the company’s network. An employee can be duped into giving his/her login credentials or may be fooled into opening a malicious attachment.
It’s a dangerous world out there.
So who is ahead in this race – the fraudster, the company or the investigator? The fact is it is a cat and mouse race – sometime criminals are ahead and sometime technology. The pace with which technology is changing, it is becoming extremely difficult for companies and even investigators to keep pace with it
IT-based tools that have come into heavy use by corporates and investigators for identification of unethical behaviour are social network analysis of the employees and suspects. Data analysis tools like keyword searching, concept clustering, communication pattern analysis, and text analytics, can be of great help and can contribute valuable insight for an investigation.
Also major deployment of software can be seen in companies for continuous monitoring of business communications – that is, key words within emails to addresses external to the company. Such communication monitoring may be considered invasive to the privacy of the workers, but such are times we live in, that corporates and employers are finding it prudent to be on the safer side and keep an eye on what is being talked through the company systems.
One big challenge is that conducting investigations by cyber security experts and investigators is handling of big data. Massive volumes, unstructured data make it harder for non-experts to find fraudulent activities. It needs very well trained investigators who are very good at use of technologies which can shift through the huge amount of data and make sense of it all. With more than 1.4 terabytes of data, the case of Paradise Papers fully illustrates of the new possibilities for the fraud investigation world.
Whatever the challenges for the corporates and even investigators, the basics remain the same. If one follows the basic principles of security – training and awareness – one can be ahead of cyber criminals. That’s the only way out in the fast changing business and social environment today. Prevention is always better than cure.
The author is Managing Director, Netrika Consulting.