The shifting face of cybercrime

What is the foremost myth associated with cybercrime? One hundred per cent cyber security. Establishing a completely secure environment can be tough to achieve and should not, in an ideal world, be the objective. Instead, one must establish the capability and strategy to deal with incidents and minimise threat, loss and reputational damage.

Cybercrime comprises a range of illegal digital activities targeted at individuals and businesses in order to cause harm. The term applies to a wide range of targets and attack methods. It can range from simple website defacement to more serious activities, such as service disruption that can impact personal and business revenues, including electronic banking wrongdoings.

Transgressions are further compounded by the fact that the footprint of the digital landscape is constantly evolving. Private and public sector organisations find it hard to believe they could be a target of choice or opportunity for cybercrime. Adversary sophistication increases, but many businesses still only react after the event. Few businesses have the capability to anticipate cybercrimes and implement proactive strategies despite prevention being a more cost-effective approach.

Digital footprints can facilitate financial crime investigations. For example, forging or manipulating financial statements/records may give an advantage to a given vendor in return for a monetary backhander or the submission of false expense claims. It is now accepted that nearly every action associated with fraudulent activity will be chronicled at numerous places in an organisation’s network. This digital footprint can be used to investigate and uncover wrongdoing. It can also empower anti-fraud vetting systems to advance in order to keep in touch with the criminal echelons’ newest efforts to preserve their clandestine goings-on and to obfuscate their digital footprint.

But, huge volumes of data are of next to no use to investigators and lawyers looking to identify and catch wrongdoers. Only when it is collected in a forensically sound manner and analysed in a timely fashion can digital artifacts, key patterns and relationships be identified. If done correctly, an individual’s or a group’s digital footprint can be used to reveal wrongdoing—ideally before losses are incurred and reputations are damaged.

Over the last year, and especially during the pandemic, there have been many cybercrimes on new digital channels that replicate the common fraud patterns previously observed over traditional channels. To combat this, should businesses look to integrate financial and cybercrime operations?

Financial crime and cybercrime teams have shared adversaries and frequently endeavor to join forces by sharing intelligence and making the best of investigative tools. However, they have usually occupied parallel operating spaces with different reporting lines, methodologies and tools.

A number of financial institutions and the US Secret Service have been dipping their toes in the water, looking at joining their financial and cybercrime teams. One example is the combining of fraud predictive analytics tools and cybercrime intelligence to spot IP addresses and payment patterns, thus detecting mule accounts and preventing money laundering. These investigative tools are a match for each other, and when used in tandem, they're a commanding defense against insider threats and external fraud.

Although the thought of functioning together may be possible in small steps, governing financial crime and cybercrime under the same umbrella necessitates the two entities establish a common ground. In the past, this has been a barrier to stronger integration, raising the cost of each function. With businesses looking at a cost crush, as they endure and try to recover from the pandemic, internal roles are now under pressure to find alternative solutions.

The combining of investigative capabilities could be started at the governance level by sharing risk indicators and reporting to reduce operational costs and deliver an all-inclusive view of the overall exposure to cybercrime, and in particular financial crime.

Inculcating the essential cybercrime prevention culture in the wider business necessitates the identical categories of staff training, awareness drives, metrics and policy strategies as those that work for financial crime and wrongdoing.

Is there an opening to use cybercrime investigation techniques in financial crime investigations? What interviewing skills can cyber take from financial crime investigations to apply in cybercrime investigations? What digital evidence is available for financial crime investigators to use? Can cybercrime investigators be used to train financial crime teams in insider threat response and early case assessment with regard to employees exiting a company?

Financial crime is becoming increasingly cyber-enabled, and the wrongdoers we seek to identify and stop take advantage from our having to play catchup. Some are even now acting to establish the integration of investigative teams, leveraging tools, skills, and data across the domains of financial and cybercrime. Nevertheless, rebranding existing teams and creating new centers of excellence against wrongdoing will entail a momentous change, especially with regard to investigative methodologies, technology, ethos and risk governance.

?