Igor Baikalov, former head of security intelligence for Bank of America, who is now chief scientist for Securonix, commented on the news of the arrest of several individuals in association with the JP Morgan Chase data breach.
Igor Baikalov, Chief Scientist for Securonix :
“There’s a clear trend of increasing complexity of digital crime. It’s no longer a simple hit-and-run, like account hijacking or indiscriminate spam. Now it’s an elaborate multi-layered, multi-stage fraud scheme that requires a team of criminal specialists to carry out.
Just like money, it evolved from barter trading exchange to global markets and around the clock bitcoin trading. With the fully functioning underground market for malware kits, botnet rental, money mules, and Exploit-As-A-Service offerings, bank robbers of digital age enjoy collaboration, component reuse, and division of labor. The latter makes already challenging attribution of the attack even more difficult: the fact that the network connections originated in one geographic locale or that financial transactions were traced to another one does not necessarily point to the perpetrators, but most likely to various parts of the distributed infrastructure whose legitimate owners might not be even aware of the attack.”[su_box title=”About Securonix” style=”noise” box_color=”#336588″]Securonix is working to radically transform all areas of data security with actionable security intelligence. Our purpose-built advanced security analytics technology mines, enriches, analyzes, scores and visualizes customer data into actionable intelligence on the highest risk threats from within and outside their environment. Using signature-less anomaly detection techniques that track users, account, and system behavior Securonix is able to automatically and accurately detect the most advanced data security and fraud attacks. Globally customers are using Securonix to address the most basic and complex needs around threat detection and monitoring, high privileged activity monitoring, enterprise and web fraud detection, application risk monitoring, and access risk management.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.