Continuous monitoring can help avoid cyber attacks

BANGALORE: The only realistic way to combat modern cyber fraud methods is continuous monitoring, with comprehensive oversight of user activity, infrastructure events and banking transactions, a senior official at Hewlett Packard's security solutions subsidiary Arcsight said today.

Although cyber-war and cyber-espionage have been in the headlines in recent years, cyber-crime directed at financial institutions and their clients continues to wreak the real havoc on the Internet, Arcsight Regional Director Loke Yeow Wong said.

"Financial fraud cases won't astonish casual observers the same way news of Stuxnet malware infiltrating computer systems to send uranium-enrichment centrifuges spinning out of control does, but financially motivated cyber-crime affects far more people, while enriching immoral people around the world," he said.

The current approach to fraud monitoring has three primary blind spots, he said.

Most of the services pushed by financial firms online have opened avenues for fraudsters to exploit vulnerabilities across banking transaction types, Wong said.

Moreover, financial institutions rarely correlate data between their information security and fraud teams, creating another substantial blind spot, he said.

In addition, he noted that fraud and information security teams alike typically do not perform sophisticated monitoring of privileged accounts.

At present, most banks deal with fraud through dedicated teams for different financial products, such as electronic (ACH) transfers, web banking and wire transfers.

"This specialised model worked well for a long time, as fraud methods were largely specific to one type of transaction," he said.

However, financial services firms should now work toward a comprehensive view of enterprise risk, including both fraud and information security monitoring, he said.