Three Steps To Protect Your Network From Hackers
In addition, your security information and event management (SIEM) logs can be used to support active fraud detection. For example, a PBX hacker will have typically written a script that crawls corporate firewalls looking for vulnerabilities, such as open ports. When an opening is detected, the scammer can punch requests at it, hoping to tease out information about system vulnerabilities. Eventually the hacker has enough information to force their way through the firewall. Once the firewall has been breached, the scammers can gain access to the PBX, build a back door into the system, and use it to route as much traffic as they want. However, by defining which events are of interest and how they should be responded to, the SIEM security logs can be used to temporarily adjust your thresholds in order to:
- impose channel limitations;
- enforce a cap on the maximum per-minute cost of a phone call; and
- restrict the amount of credit that a company is extended.
3. Context increases the value of intelligence
With so much information to share, technology plays a vital role in eliminating mistakes and reducing bureaucracy, whilst ensuring sensitive information is kept secure and only made available to the people who need to receive it.
Speed is of the essence – to stop the losses and because there is little benefit to identifying criminals after they have disappeared. But with so much information in the network, how can fraud managers quickly hone into the relevant information and focus on the real fraudsters?
To demonstrate the extent of the attacks that hackers are attempting, the antivirus company McAfee mapped and analyzed real-world attack patterns in order to further leverage the data inside McAfee Global Threat Intelligence (GTI) and better protect their customers. During a three month period, they found:- Every hour, more than 6.7 million attempts were made to entice them into connecting to risky URLs (via emails, browser searches, etc.)
- Every hour, more than 19.2 million infected files were exposed to the networks of McAfee customers;
- Every hour there were 2.3 million attempts by McAfee customers to connect to risky IP addresses, or attempts by risky addresses to connect to customer networks; and
- Every hour, an additional 7 million Potentially Unwanted Programs (PUPs) attempted installation or launch. The scale of the number of attempts underpins the notion that we can no longer depend solely on human judgment.
In addition, automated contextual analysis broadens our perspective when evaluating how to respond to suspicious behavior and provides helpful background information, exactly when it is needed. When fraudsters access your network, the challenge is to single them out of the crowd, especially when they seek to trick your controls by replicating the behavior of ordinary customers.
Conclusion
Telecom fraud managers are confronted with a growing responsibility. Armed with superior data intelligence helps them to reduce fraud, but the criminals are only responding by becoming more devious and by targeting a wider range of victims.
A communications service provider’s first plan of action must be to develop intelligent anti-fraud measures that are built on the foundations of solid security. Instead of following a static policy, CSPs need to be flexible and scalable in order to respond to the current level of threats during normal levels of risk, but also have the ability to deploy more extensive countermeasures when risks are high.
And finally, in order to maximize your detection and prevention efforts, a unified approach to fraud that is tightly coupled with compliance and security is required. From here, CSPs can leverage security insights from first-and third-party applications in order to detect fraud from across multiple products and channels.
Over two hundred years ago Benjamin Franklin said, “An ounce of prevention is worth a pound of cure.” This adage has become even more important in today’s digital world.
