The digital landscape is constantly evolving, and with it comes a new wave of cyber threats. Like industries around the globe, DAT is no stranger to the uptick in cyber crime. DAT’s Network Integrity Unit (NIU) has partnered with the FBI to help end fraud such as double brokering or phishing attacks on DAT’s network.
On July 31st, DAT hosted a webinar with the FBI to discuss the state of cyber crime, how the FBI is responding, and what we can all do to keep our organizations safe.
In recent years, the FBI’s focus has shifted from incident response to threat response, aiming to dismantle criminals’ capabilities to commit crimes rather than just dealing with the aftermath. Special agent Yaqub Prowell spoke with attendees about the FBI’s efforts. Here are key takeaways.
Understanding the threat landscape
Cyber crime rates are on the rise, particularly in industries with substantial cash flows. The most significant threats include ransomware and business email compromises. Ransomware attacks are increasingly targeting small and medium-sized businesses, deploying a two-prong attack that holds company data and personally identifiable data for ransom. If the ransom isn’t paid, the data is pushed to the dark web. For a look at how the FBI is tackling ransomware attacks, read FBI director Wray’s statement on the recent Hive Ransomware Takedown.
Business email compromises are essentially social engineering scams. Often, attackers don’t need to infiltrate systems as they can exploit public information. It’s crucial to scrutinize email domain names and ensure they match up with previous contacts at the sender’s company. Remember, it’s not about intelligence, but diligence.
Device vulnerability
Are there devices that are more vulnerable than others? The answer depends on the network. Any connected device is vulnerable to an attack. Companies should consider their network architecture and educate their employees about potential threats. Be aware of suspicious links and requests to move money, and always confirm with the requester before sending funds. When in doubt, call the sender if you’re already familiar with them to confirm they sent an email. Vulnerabilities are based not on technology, but psychology.
The power of education
Threat actors don’t need a huge success rate; they need just one person to slip up to infiltrate an organization. Therefore, no cyber crime succeeds without the misstep of one end-user. Education and training are critical to preventing these incidents.
If you become the victim of a cyber crime, immediately report it to IC3.gov.
Helping the FBI
End-users can assist the FBI by establishing a relationship with their local office. It’s important that you develop this relationship before you need their assistance. Familiarize yourself with the agents responsible for investigating cyber crimes, and when the time comes, tell them immediately after you’re aware of cyber crime activity in your organization. This allows for quick reporting and information sharing about cyber crime. For crimes involving the theft of over $25,000 in assets, the FBI’s Recovery Asset Team has a 74% recovery rate when crimes are reported within 2-3 days. Remember, quick reporting is critical.
Contacting local CISA representatives can also be beneficial, as they have several tools to assist private companies with cyber crimes.
What DAT is doing
At DAT, we’re taking proactive steps to protect against cyber threats via:
- Implementing stronger password criteria
- Providing free cybersecurity training for customers
- Enabling two-factor authentication
- Creating a fraud protection resource library and a live dashboard, where you can check for alerts
- Maintaining a 100% response rate to reports
The digital minefield may seem daunting, but with education, diligence, and the right protections in place, businesses can navigate it safely. For more information, head to dat.com/fraud-protection.