Fraud & Identity Fraud & Identity


Fraud & Identity Featured Article


IBM Offers Cyber Security Advice, Solutions

September 11, 2017

The increased incidence of hacks, and the growing sophistication of such events, has put into stark relief just how important it is for people and organizations to secure their applications, data, devices, and networks. But we’re only human, and sometimes we are complacent, or simply don’t want to dedicate the time and resources required to do these kinds of things.


But then a story like the Equifax one comes up and reminds us all of how very damaging a security breach can be for both an organization and its customers. As we learned last night, Equifax this summer was attacked by hackers who were able to access the personal data of a whopping 143 million people in the U.S. Now the company is dealing with the fallout – in terms of a boat load of information requests from angry and confused consumers; a dropping stock price; a loss of reputation; and the need to redirect financial and human resources to work with frustrated consumers, law enforcement officials, and a security investigation team.

Of course, this is just the latest and greatest hack.

The 2017 IBM X-Force Threat Intelligence Index offers us a reminder of other recent cyber security events, particularly in the information and communication technology sector. And it provides tips on how to prevent such situations.

As the Index notes, in October a data storage and web hosting company exposed millions of customer datapoints when it misconfigured a publicly accessible NoSQL database. And, before this company recognized and was able to secure that information, someone posted the data on Twitter, IBM noted.

Of course, this was not an isolated incident for the ICT industry. More than 3.3 billion records were compromised in the ICT arena last year – the most out of all sectors. And almost half of those records were from two breaches from previous years that affected one major web portal company, IBM said.

IBM offers an array of other cyber security statistics in the Index. And Big Blue provides recommendations for how to address security.

One of its suggestions is to test applications throughout their lifecycle.

“The No. 1 attack vector targeting the information and communication technology sector involved attackers attempting to gain unauthorized access through the manipulation of system data structures, such as an application's interaction with a buffer,” said IBM, which noted that its IBM Security AppScan can help address that. “By scanning web and mobile applications prior to deployment, organizations are better able to identify security vulnerabilities and generate reports and fix recommendations,” IBM added.

IBM also pointed to the need for centralized patching and data input sanitization, endpoint detection and response, incident response services, and security and threat intelligence.

“The No. 2 attack vector targeting the information and communication technology sector involved the use of malicious input data such as SQLi or CMDi,” IBM explained. “To mitigate these attacks, patching and maintaining current software versions are essential. The dilemma is that managing and deploying patches for multiple operating systems and applications across hundreds of thousands of endpoints can be challenging for administrators. Fortunately, information and communication technology enterprises can rely on solutions such as IBM BigFix Patch Management to help automate and simplify the patching process.”



Article comments powered by Disqus






Industry Insights

(MobileID) Proactive Fraud Prevention

Interconnect-related fraud such as International Revenue Share Fraud (IRSF) and PBX hacking fraud continue to be a billion dollar problem to the telecom industry.

(Defender Shield) Defense solutions for the modern SMS ecosystem

SMS is a ubiquitous communication method for person-to-person (P2P) text messaging, which has been in use globally for nearly 20 years.

(Defender Shield) Preventing Grey Routes and the Multi-billion dollar Threat

The convenience of mobile messaging has brought communication efficiency to billions of consumers worldwide. As is often the case with widely accepted technologies; however, convenience can provide a vulnerable gateway to fraudulent activity.

Product Documents

Asset Protect

While unlimited or high-volume voice and SMS plans offer great value to subscribers, sometimes fraudsters exploit these plans to avoid paying termination and interconnect fees.

Defender Shield

In a world with ever-increasing Application-to-Person (A2P) messaging needs and competition, improving customer satisfaction and eliminating revenue leakage is key for protecting SMS profits.

MobileID

Accurate and cost-efficient routing of voice calls and SMS is critical. Unfortunately, gathering reliable routing data on ported numbers and keeping up with constant changes in number plans is expensive and time-consuming.

Fraud Solutions

Communications fraud is a $20B annual global problem and growing. Companies are looking for peace of mind so that their business and their customers are protected from the onslaught of technology crime that is damaging their reputations and their balance sheets.