The study found that, on average, insiders are on the job for more than five years before they start committing fraud and that it takes nearly three years for their employers to detect their crimes.
The Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector study, funded by the U.S. Department of Homeland Security Science and Technology Directorate, examined technical and behavioral patterns from 80 fraud cases that occurred between 2005 and 2012.
The study found that those committing fraud are taking a "low and slow" approach, escaping detection for long periods of time and costing targeted organizations an average of $382,000 or more, depending on how long the crime goes undetected. Managers and accountants cause the most damage from insider fraud and evade detection longer.
"We also found that nearly 93 percent of fraud incidents were carried out by someone who did not hold a technical position within the organization or have privileged access to organizational systems," said Randy Trzeciak, technical lead of the Insider Threat Research Team.
One reason these crimes go undetected may be that technology has played a minimal role in enabling victim organizations to detect insider fraud activity. "Many people think that insider crimes can be addressed solely by technical controls, but the most effective way to prevent and detect insider crimes is to make it an enterprise-wide effort to master both the technical and behavioral aspects of the problem," said Trzeciak.
The study highlights the following findings, which provide insight into how the crimes were committed and the type of people within organizations who committed them:
- Criminals who executed a "low and slow" approach caused more damage and escaped detection for a longer period of time.
- Insiders' methods lacked technical sophistication.
- Fraud by managers differed substantially from fraud by non-managers in terms of the extent of damage and duration.
- Most incidents did not involve collusion.
- Most incidents were detected through an audit, customer complaint, or co-worker suspicion.
- Personally identifiable information (PII) was a prominent target of those committing fraud.









