November 14, 2017
Cybercrime’s Seismic Shift: The Rapidly Evolving Global Threat Map
Posted June 1, 2017
Breached identity data travels fast — sparking a sudden 35-percent increase in cyberattacks that are rapidly reshaping the global threat map, according to the Q1 2017 Cybercrime Report from ThreatMetrix.
That amounts to more than 130 million attacks in just the first three months of the year.
The report, based on actual attacks detected and stopped within the ThreatMetrix Digital Identity Network from January through March, is widely regarded as a reliable proxy for global attack patterns.
As it happens, the first quarter saw notable advancements within the digital economy, tempered by troubling dynamics that have organizations in every region on alert.
Mobilizing the Global Village
The mobile revolution is definitely picking up speed.
Averaged across industries, a full 45 percent of all online transactions now come from mobile devices, including 53 percent of new account creations.
The financial services industry, in particular, is seeing significant growth in mobile engagement, reporting three times the number of logins made through mobile devices than the same period last year.
Mobile’s momentum is seen worldwide, as is the prevalence of transactions made internationally. Today, 25 percent of all online transactions are now cross-border, underscoring the increasingly global nature of modern business.
Of course, it’s no surprise that progress on the digital frontier can often have associated downsides. What’s astonishing is just how far-reaching (and fast-moving) those downsides can be.
When it comes to cybercrime, density is destiny.
As transaction volumes surge within a geographic region, there’s typically a corresponding increase in cybercrime. So far this year, this dynamic may be more correlation than it is causation. As it happens, other factors are adding plenty of kindling to the fire.
In the past year alone, more than 4 billion personal identity files have been compromised worldwide.
According to the Q1 report, those identity credentials are quickly making their way to the farthest reaches of the world, where they’re being used to hijack existing user accounts or to open fraudulent new ones.
In 2016, there were more than 80 million attacks involving stolen or fake credentials just within the financial services industry — a figure that’s accelerating fast.
Banking, in particular, has seen a significant rise in new account creation fraud this year. A full 10 percent of online bank account creations are now fraudulent.
“We thought this was quite interesting,” said Rebekah Moody, product marketing director for ThreatMetrix, in an on-demand webinar on the evolving cybercrime battleground, sponsored by American Banker. “Perhaps fraudsters are seeing this as a point of weakness where they can have the most impact using stolen identity data.”
Rejected transactions within the sector have spiked 40 percent over last year — driven by attacks on emerging Fintech platforms. Attack vectors are evolving as well, including botnet-based identity testing, ransomware, remote access schemes and more.
In e-commerce, bot attacks alone can make up 90 percent of daily traffic.
The sobering reality is that, worldwide, the cross-industry growth of cyberattacks is now outpacing that of legitimate transactions by 50 percent.
The New World (Dis)order
The proliferation of compromised identity data also has the central hubs of global cybercrime in flux.
Some of the surprises from the Q1 report include:
• Europe has suddenly emerged as a cybercrime linchpin — home base to 50 percent more attack originations than all of North America.
• The U.S. remains the top target for cybercriminals, while attacks launched from within the U.S. are moving beyond just advanced economies, such as Canada and the UK, to target Columbia and other South American countries
• A remarkable number of attacks are now originating from emerging and growth economies, including Azerbaijan, Bangladesh, Croatia, Guatemala, Peru, Israel and more.
• Pacific region nations suffer the highest incidence of identity spoofing and fraudulent account logins — up 135 percent.
• In South America, where 80 percent of all transactions are cross-border, nearly 10 percent of all payment transactions are now fraudulent.
As cybercrime becomes more networked and sophisticated, the exploitation of compromised identity credentials is becoming more automated. Its reach is becoming more global and coordinated, and its attacks are more crushingly effective.
Seeking A New Identity
The truth is, identity data has become the critical currency in global cybercrime, as fraudsters steal or piece together full and convincing identities that they then use to perpetrate attacks.
As a result, authentication will play a crucial role across every industry. But with compromised identity credentials so readily available — and thus unreliable on their own for identity verification — a growing number of organizations are deploying a new generation of digital identity technologies that go much further.
Instead of verifying users based solely on logins, solutions like those from ThreatMetrix offer continuous visibility into the complex associations between users and their devices, locations, activities and hundreds of other dynamic data elements, spanning billions of transactions per month.
“You can think of digital identity as a kind of unique online footprint that a user makes as they transact online with a variety of brands that they have relationships with,” Moody said.
Using behavioral analytics and advanced machine learning, these solutions assess globally crowdsourced, anonymized intelligence to distinguish between trusted users and potential threats — streamlining the online experience for legitimate users while blocking out cybercriminals.
For organizations in some high-attack industries, this has meant reductions in fraud rates of up to 50 percent or more, easier regulatory compliance and millions of dollars in savings. In others, where up to 52 percent of declined transactions turn out to be legitimate, trusted transaction levels can increase as much as 180 percent.
Protecting Today—And Tomorrow
Will it be enough to ward off ever-morphing attacks within a rapidly shifting threat landscape?
Only one thing is certain. Organizations in every region are facing pressure to establish authentication that can offer legitimate users the frictionless experience needed to keep up with the pace of business.
All while neutralizing whatever a dangerous world decides to throw their way next.
To learn more, including insights on how to protect your business through the power of digital identity, check out the ThreatMetrix Q1 2017 Cybercrime Report here.