What’s next for cybersecurity after the Equifax hack?
On Thursday, September 7, 2017, consumer credit reporting agency, Equifax, reported that consumer data and personal information was stolen due to a cyber attack on the company’s system. The incident, originally detected on July 29, 2017, impacted 143 million U.S. consumers. Much of the information lifted was names, Social Security numbers, birth dates, addresses, and driver’s license numbers. 209,000 credit card numbers were stolen, and 182,000 dispute documents, with personal identifying information. Following Equifax’s independent forensic review of the breach by leading cybersecurity firm, Mandiant, it was determined the illegal access took place between May 2017 and July 2017.
It was also discovered that Equifax knew of an earlier intrusion, in March 2017, involving a payroll related service. The company stated the March breach was not related to the most recent one. However, what raises the eyebrows of many is the timeline of the security breaches, the sales of stock by company executives, and whether the original investigation of the March attack, also performed by Mandiant, was thorough enough, or did it leave the door open for the May hack?
Accounting giant PricewaterhouseCoopers’ Financial Crimes Unit advises organizations should work to identify if their clients’ accounts and information may have been part of the Equifax hack, and address what steps are being taken.
Financial enterprises should work with credit bureaus to identify any compromised client accounts, coordinate with lending and loan parties, and heighten awareness of new checking, trading, and insurance account requests. Clearly communicating with clients about the breach is essential to thwarting any malicious activity on accounts following the incident. PwC advises any client that may be impacted should implement a credit freeze, disabling lenders’ access to credit reports. It is also suggested organizations change security password questions to rely on information that cannot be found on credit reports and to communicate to clients to stay alert for scams, such as emails, that ask for sensitive data.
To mitigate and prevent the next data hack, PwC urges companies to address cybersecurity and anti-fraud controls. This includes encrypting all customer data, even at rest, patch or move vulnerable web applications, use behavior analytics to monitor activity, enhance authentication, implement fraud analytics, and more.
How AI can help
Today’s fraud techniques are becoming faster and more sophisticated. The earlier a threat is detected, the quicker and more effectively it can be thwarted, saving a company millions of dollars, its reputation, and business and industry viability.
Using unsupervised machine learning, Cybraics nLighten platform monitors the network, user, and entity behavior. Powered by Intel, Cybraics nLighten’s advanced security analytics and artificial intelligence shorten dwell time, allowing faster response to malicious activity. For one company, an employee email server was slowly being illegally accessed through a systematic approach by hackers avoiding lockout periods of password attempts. The early detection of the breach by Cybraics nLighten prevented further destructive access.
Intel’s Saffron Natural Intelligence Platform harnesses the power of human-like intelligence with the science of computing to help provide organizations analytics of their data in an understandable manner. Intel Saffron uses human-like reasoning to find hidden patterns in data to make confident decisions. For example, an insurance company needing to identify claims fraud turned to Saffron to prioritize questionable claims. The platform combed through three years of claims, looking at patterns and similarities. Results identified three fraud rings, connecting to a larger fraud conglomerate.
Similarly, a philanthropic organization also used the Saffron Memory Base solution to predict risks and minimize “high risk” scenarios. When the Saffron Cognitive Solution classifies correspondence—an incoming email, for example—as “high risk,” the correspondence is automatically routed to the organization’s analysts. The analysts utilize the solution to determine the root cause of the “threat” or suspicious activity and take appropriate action.
Hackers are getting smarter and shiftier every day. Just as calls for greater security came in the wake of the Equifax hack, the Securities and Exchange Commission also found itself in the midst of a breach. Advanced technology, machine learning, and AI can help financial enterprises protect themselves and their customers in fast, accurate manners. Learn more about everything Intel Financial Solutions can offer.