Cybercrime Networks, Emulating Legit Businesses, Emerge as Growth Industry
According to Cybersecurity Ventures, this growth industry is set to cost businesses and consumers over $6 trillion annually by 2021.
At a time when the cybersecurity talent deficit is significant and the need for a skilled workforce is steadily expanding, there comes news of a related growth industry: cybercrime.
The latest edition of the Atlanta-based LexisNexis Risk Solutions Cybercrime Report, covering January-June 2019, provides insights from its Digital Identity Network and highlights a dramatic shift towards networked, cross-organizational and cross-industry fraud. The report (formerly published by ThreatMetrix, which LexisNexis Risk Solutions purchased in 2018) analyzed 277 million human-initiated cybercrime attacks, a 13% increase in fraudulent activity compared to the previous six months.
Spotlighted is how criminal networks now emulate legitimate enterprises, with a finance department dealing with money laundering, procurement enlisting money mules, and engineering developing cutting-edge attacks to bypass the latest cyberdefense advances. According to Cybersecurity Ventures, cited in the LexisNexis report, this growth industry is set to cost the world over $6 trillion annually by 2021.
The report acknowledged that “Cybercrime has emerged as an industry in its own right and, according to Cybersecurity Ventures, will be one of the biggest challenges that humanity will face over the next two decades.”
In addition, the LexisNexis Identity Abuse Index showed how the percentage of attacks per day, across the entire Digital Identity Network, provides a good indication of how attack patterns have changed and evolved over the past two years, and of the effect large data breaches have on global cybercrime.
“The Digital Identity Network recorded a much more benign environment in the first half of 2019 in comparison to the two preceding years, with 2017 and 2018 dominated by high volume bot attacks originating from diverse and emerging economies,” the report maintained. The smaller peaks in 2018 are attributable to attacks originating from new geographies, indicating the extensive dispersal of breached identity data across the globe.
However, the report noted that although the first six months of 2019 were less volatile than previous years, it did record a significant spike in June. That spike, the highest peak in attacks over the last two years, came when a virtual gift card provider was targeted by a series of bot attacks that tested different email addresses from just one IP address. “Interestingly, the attack originated in the U.S., as shown in the IP based location, but the browser language was set to Russian,” the report said.
A game changer for cybercrime is mobile, which the Cybercrime Report noted has been no less than revolutionary in terms of the global digital economy and its impact on businesses and consumers. “Mobile will, however, continue its revolutionary march; 5G networks will fuel new operational models, architectures and service delivery models.” The report pointed out that 5G may also create new opportunities for fraudsters trying to exploit weaknesses and target devices which may be without robust security defenses. “Indeed, fraudsters could gain entry to homes via a raft of IoT devices.” There is also concern that fraudsters will target data in transit, hijacking devices to steal customer credentials, capture credit card numbers and infect networks with malware.
“While the Digital Identity Network continues to demonstrate the benefit of strong mobile penetration across markets and geographies, organizations must ensure that the volume shift to mobile transacting does not open up vulnerabilities to cybercriminals looking to capitalize on this change in customer behavior,” the report suggested.
The Digital Identity Network also recorded two smaller peaks in attacks in the first six months of 2019. In January, a global e-commerce merchant was the main mark for a series of bot attacks coming from the U.S., Chile, Switzerland and Canada. These bots attempted fraudulent new account creations from desktop devices, using stolen identity credentials. In February, fraudsters employed device spoofing and IP spoofing to go after a multinational bank, with the strikes originating from the U.S.
The Digital Identity Network said, “The strongest correlation of fraud continues to be across organizations within the same industry, particularly banking, lending and stock brokerage.” The report noted that banking in particular has a high level of shared fraud with nearly all other industries. “Bank accounts are an integral part of financial crime, enabling and facilitating the laundering of money and proceeds of crime.”
How can organizations defend against these increasingly sophisticated networks of fraudsters? “Single point solutions are no match to this networked cybercrime, with fraudsters adept at masking themselves as legitimate and trusted customers in order to maximize monetary gain and minimize detection,” the Cybercrime Report held. “The most robust solution to this growing problem is a layered defense of fraud, identity and authentication capabilities, executable in near real time, and across the entire customer journey.”
The report added that this relies on unifying world-class digital identity intelligence, physical identity and authentication capabilities that can help businesses meet regulatory requirements, streamline the customer experience and detect complex and evolving fraud.