Danske Bank fights money laundering with AI
The bank has been on a mission to transform its anti-money laundering
capabilities after substantial illegal transaction activity was uncovered at a
Danske Bank subsidiary in Estonia. The Baltic state made global headlines when
Danske Bank was found to have transferred more than €200bn of suspicious money
through its tiny branch in Tallinn. Danske Bank’s transaction-focused
AML-detection apparatus proved sluggish in identifying account and money
transfer divergence anomalies at the branch in Estonia’s capital. During the
pilot of the platform from Quantexa, Danske Bank improved its ability to
detect suspicious activity in its market trading business in areas such as
foreign exchange, securities and equities. “Harnessing technology
enables us to identify complex financial crime behaviours more effectively.
Running advanced analytics on a wide range of datasets can help us better
detect, investigate and prevent financial crime,” said Satnam Lehal, head of
financial crime detection at Danske Bank. The bank has now taken the
pilot project to the next stage and integrated it with existing
infrastructure.
Cybersecurity: A Bleak 'Progress' Report
The hack appears to be the result of the successful insertion of malware into
SolarWinds' recent updates. The SolarWinds technology is used by the Pentagon,
all five branches of the U.S. military, the State Department, NASA, the NSA,
the Postal Service, the National Oceanic and Atmospheric Administration, the
Department of Justice and the Office of the President of the United States,
among others. Plus, it's installed at thousands of companies and organizations
around the world. Perhaps these events will serve as a wake-up call to our
citizenry and bring the severity of our exposure to adversarial cyberattacks
into a more focused picture. Today, I'm recalling watching "60 Minutes"
in February 2015 - an episode titled: "DARPA: Nobody's Safe on the Internet"
with Lesley Stahl interviewing some intriguing guests. A review of that
segment helps to illustrate that some efforts back then were misguided, and
cybersecurity remains very much a work in progress. The "60 Minutes" report
said the Department of Defense had put Dan Kaufman, a former video game
developer, in charge of inventing technology to secure the internet and given
him a staff of 25 "brainiacs" and a budget of $500 million a year to "do
something to help national security" and "make the world a better, safer, more
secure place."
SolarWinds attack explained: And why it was so hard to detect
The attackers kept their malware footprint very low, preferring to steal and
use credentials to perform lateral movement through the network and establish
legitimate remote access. The backdoor was used to deliver a lightweight
malware dropper that has never been seen before and which FireEye has dubbed
TEARDROP. This dropper loads directly in memory and does not leave traces on
the disk. Researchers believe it was used to deploy a customized version of
the Cobalt Strike BEACON payload. Cobalt Strike is a commercial penetration
testing framework and post-exploitation agent designed for red teams that has
also been adopted and used by hackers and sophisticated cybercriminal groups.
To avoid detection, attackers used temporary file replacement techniques to
remotely execute their tools. This means they modified a legitimate utility on
the targeted system with their malicious one, executed it, and then replaced
it back with the legitimate one. A similar technique involved the temporary
modification of system scheduled tasks by updating a legitimate task to
execute a malicious tool and then reverting the task back to its original
configuration.
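
The task-reversion behaviour described above leaves a recognisable pattern in task audit logs: a task's command changes and then returns to its previous value shortly afterwards. The following detection sketch is an added example, not taken from the article or from FireEye; the sample records are constructed, shaped like Windows Security events 4698 (task created) and 4702 (task updated), and the 15-minute window is an assumed threshold.

```python
import re
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=15)  # assumed threshold; tune per environment

def _xml(cmd):
    # Minimal stand-in for the task XML carried in the event's TaskContent field.
    return f"<Task><Actions><Exec><Command>{cmd}</Command></Exec></Actions></Task>"

# Constructed sample records: (time, event id, task name, task XML).
EVENTS = [
    ("2020-12-01T02:00:00", 4698, r"\Vendor\Updater", _xml(r"C:\Program Files\Vendor\update.exe")),
    ("2020-12-10T03:14:05", 4702, r"\Vendor\Updater", _xml(r"C:\Windows\Temp\tool.exe")),
    ("2020-12-10T03:16:40", 4702, r"\Vendor\Updater", _xml(r"C:\Program Files\Vendor\update.exe")),
    ("2020-12-11T09:00:00", 4698, r"\Backup\Nightly", _xml(r"C:\Backup\run.exe")),
    ("2020-12-12T09:00:00", 4702, r"\Backup\Nightly", _xml(r"C:\Backup\run_v2.exe")),
]

def command_of(task_xml):
    """Extract the first Exec command from the task XML, normalised to lower case."""
    m = re.search(r"<Command>(.*?)</Command>", task_xml, re.S)
    return m.group(1).strip().lower() if m else None

def find_reverted_tasks(events, window=WINDOW):
    """Flag tasks whose command changed and then returned to the prior value within `window`."""
    history = {}   # task name -> list of (time, command) in chronological order
    findings = []
    for ts, event_id, task, xml in sorted(events):
        if event_id not in (4698, 4702):
            continue
        when, cmd = datetime.fromisoformat(ts), command_of(xml)
        seen = history.setdefault(task, [])
        if len(seen) >= 2:
            (_, original), (changed_at, temporary) = seen[-2], seen[-1]
            # A -> B -> A within the window: the temporary-modification pattern.
            if original != temporary and cmd == original and when - changed_at <= window:
                findings.append({"task": task, "temporary_command": temporary,
                                 "changed_at": changed_at, "reverted_at": when})
        seen.append((when, cmd))
    return findings

if __name__ == "__main__":
    for finding in find_reverted_tasks(EVENTS):
        print(finding)
```

A permanent change, such as the `\Backup\Nightly` update in the sample, is not flagged; only a change that is undone inside the window is.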
3 Ways to Build a Buzzing Blockchain Community
Holding a hackathon is a sure-fire way of attracting programming talent and
development activity to a blockchain platform. The concept is popular among
many kinds of tech companies and developers. In the context of blockchain, a
platform’s founders or operators will usually offer some type of incentive to
participants in exchange for their creative contributions. Often,
hackathons have been held as part of blockchain-developer conferences or
events. However, with the social restrictions currently in place, many
projects are forging ahead with remote hackathons, and with a high level of
participation and success. ... Blockchain and cryptocurrencies are chock-full
of jargon, acronyms and technical concepts that can be off-putting to many
newcomers. Not to mention, starting to invest or trade in cryptocurrency comes
with particular risks that everyone should be aware of before they
start. For this reason, those companies that can provide newcomers with
a comprehensive library of educational materials have an opportunity to
inspire loyalty from newcomers. One example is Indian cryptocurrency exchange
Bitbns, which has created its own multimedia academy targeted at those eager
to learn about cryptocurrency.
How To Support a Zero Trust Model with Automation
Zero Trust security architectures are underpinned by a segmented environment
that limits the movements of attackers, isolating them and reducing their
impact. In a Zero Trust environment all users, devices and applications are
assigned a profile, based on techniques like digital identity, device health
verification and application validation. They are then granted restricted
access based on their profile. This prevents attackers from moving around
freely, but it is also a precise and methodical process that provides and
maintains genuine users and resources access, as and when required. Enforcing
granular permissions based on the profile of the user or digital asset is a
complex process. Automation provides the means to perform these actions
programmatically and at scale. It also ensures that new technologies and
solutions can be constantly added either to support, or replace, existing
systems to ensure actions are performed in line with Zero Trust policies.
Faced with a backdrop of emergent threats and an enterprise environment that
is constantly evolving, automation provides the means to adapt quickly.
Policies can be rewritten, while systems and processes can be reconfigured to
deal with sudden changes or requests. This can be done at a micro level,
dealing with very specific issues, or on a broader macro level, dealing with
enterprise-wide issues.
VPNs, MFA & the Realities of Remote Work
As organizations have adapted to remote work and adopted new solutions, it's
critical they understand how their architecture has changed in order to identify
the evolving threat surface. But it's also important to realize that an IT
architecture is like a fingerprint; there are some common types, but ultimately,
they're unique. VPN is more effective for an on-premises environment, while MFA
is more effective for a cloud-based setup. Let's take VPNs as an example. The
most straightforward use case of a VPN is to establish a secure connection to
access corporate infrastructure. You're at home, on your own wireless network,
but you connect through a VPN. The VPN is protected by a firewall device to
access the corporate network. This model works well for organizations that have
a data center and file servers on-site because they can still leverage their
network perimeter to protect it. However, VPN traffic can get more challenging
when you consider the scale of larger organizations. Once hundreds of remote
employees are connecting through VPN, the burden of moving data to a point at which
it can be distributed over network traffic can become significant.
CISOs should be ready to confront the psychology of cybersecurity in 2021
Clearly, we need to introduce more support around security awareness,
understand the pressures that employees are under, whether that be
self-inflicted or whether that be because of some external factors that are
going on. This one is also the real challenge of security folks. We’re still
not that good at that kind of emotional intelligence. We love a process, we
love a policy. But we’re still not very great at this touchy, feely, fluffy
emotional space. There’s a real role here for a human resources professional
to get engaged to help deal with this one. ... There is a real leadership
opportunity there to create the right environment that encourages people to
talk about some of those issues. We’ve seen some real progress in that
space. Because let’s face it we all have good days and bad days. I think
encouraging people to talk about that, to share those things is hugely
important as is encouraging people to take breaks, move away from the
screen. We’ve moved into a realm that those kind of things are really
important for us to be picking up on. Some of us are doing it quite
naturally, perhaps, but they are not skillsets that are the strong suits for
CISOs and security professionals.
Cost savings and security are key drivers of MSP adoption
When it comes to budgeting, the three areas of information technology noted as
incurring the most expense by SMB and mid-market company executives are:
information security (60%), data storage (48%), and data analytics/business
intelligence (45%). The IT areas incurring the least expense in budgets are:
application licensing (24%), digital transformation (21%), and data center
automation (21%). “We conducted this survey to better understand the dynamics
of how business executives perceive and select MSPs, as well as how MSPs can
provide the greatest value to their SMBs and mid-market customers,” said
Infrascale CEO Russell P. Reeder. “Based on the results, we recommend that
MSPs continue to lead with solutions focused on security, data storage, and
data analytics. Our most successful MSP partners are enabling their businesses
to be more secure and to always access and analyze their data. The lifeblood
of any business is its data, so it makes sense that securing it, backing it
up, and analyzing it is most important to businesses.”
Supply chain attacks show why you should be wary of third-party providers
"Security is really only as good as the weakest link," says John Titmus,
director of sales engineering EMEA at CrowdStrike, a security vendor.
"Supply chain attacks are getting more widespread and growing in frequency
and sophistication. You need to understand the nature of the risks and
develop a security roadmap around it." Deep Root Analytics, a marketing firm
used by the Republican National Committee, leaked the personal data of 200
million voters in 2017. This is a small company that, according to its
LinkedIn profile, has fewer than 50 employees. Deep Root Analytics
accidentally put the data on a publicly accessible server. Larger service
companies are also vulnerable. The Verizon breach, which involved six
million customer records, was caused by Nice Systems, a provider of customer
service analytics. Nice put six months of customer service call logs, which
included account and personal information, on a public Amazon S3 storage
server. Nice reports that it has 3,500 employees and provides services to
more than 85% of Fortune 100 customers. Nice is tiny compared to Deloitte,
an accounting firm with more than a quarter million employees.
How Apple’s pending search engine hints at a rise in enterprise search
For many years there’s been a gulf between the tools we use as consumers and
the tools we use as knowledge workers. It’s often a source of frustration: why
is it that at an internet search console, we can find the answer to the most
obtuse and bizarre question we can possibly imagine in seconds through a
couple of clicks of the mouse, yet it takes me ten minutes to find the
document that Jack from Accounts sent me two weeks ago? The answer lies in the
complexity of enterprise search as a function. Behind the veil of the easily
accessible user interface, enterprise search is more complex than it appears
and there are much greater technological challenges to be overcome, despite
the visual similarities with internet search. For example, content online can
easily be categorised by the number of clicks and views a page has received,
in order for relevancy to be established, as traffic volumes are incredibly
high. However, the document that Jack from Accounts sent is unlikely to have
been opened anywhere near as much, so other technologies, such as natural
language processing, need to be relied upon in order to understand the content
of documents and recommend relevancy.
Quote for the day:
"Positive thinking will let you do everything better than negative thinking will." -- Zig Ziglar