Understandably, we’ve all become a little more accustomed to using the “bad” adjective over the last three years. Why? Let’s take a quick inventory.
We suffered through the Covid isolation, inflation took off, banks failed, the macro continues to be stubbornly unpredictable, and more and more of our businesses are under constant cybercriminal attacks. And, to that last point, the forecast is “continued attacks with a high probability of fraud, IP theft, mass misinformation, or disruption for the foreseeable future.”
Why the gloomy forecast? Our threat landscape continues to rapidly evolve. We now operate in a cyber threat environment where cybercriminals, opportunistic hackers, and DIY fraud enthusiasts huddle together all over online social channels and willfully share tools, data, techniques, and “how to” videos. Layer in the abundant personal data cheaply available to the antagonists, and it’s a world appropriately defined not just as “bad” but as “bad at scale.”
Oh, and by the way, it’s so easy for these bad antagonists to proliferate.
Now more than ever, fending off the dynamic cybercrime network requires the same collaboration that has become so common among the adversaries. In this escalating “arms race,” experts, technologies, and strategies are all working together to defend against digital threats. I recently joined forces at Arkose Accelerate with Snap’s Nick Reva, Chime’s Charles Kirk, and Yahoo’s Anuj Batra to dig into how the protectors are working to defeat the underground economy of cybercrime-as-a-service (CaaS).
Because together, we can stop the attackers cold.
Takeaway #1 The goal isn’t always “take the money and run.”
“When you have a large social platform, [attackers look for the] opportunity to spread madness.”
– Nick Reva, Head of Corporate Security, Snap
Not all attacks are created equally. No doubt, many attacks aim to stuff the cybercriminals’ pockets. It’s why account takeover, SMS toll fraud, and inventory hoarding are so rampant and lucrative. But some of our antagonists are driven simply to influence a decision or push a product. Others are extortionists. Still other fraudsters are hacktivists, ideologues, or even Nation States antagonistic to our interests, and all they want to do is cause chaos, like when they take over social media accounts so they can spread salacious content or influence us with a deluge of misinformation.
Understanding that motivation is critical to how we respond. We don’t want to act like a pendulum, over-responding and swinging too far in one direction, and then under-responding in the other direction. It’s all about consistently keeping our consumers protected during their digital journey and safeguarding our company brand.
Takeway #2 “Bad at scale” is the world we live in.
“People love getting into other people's inboxes.”
– Anuj Batra, Vice President of Product Management, Yahoo
As much as we in the security world collaborate, so do the bad actors. They're pooling their skills. They’re sharing tools. They’re forming underground communities. It's no longer just about technical chops. The attackers can create an account in the shadows of the dark web, snag a bundle of wicked tools, and boom – they’re in business.
And their business is to hurt ours!
If they succeed, it ultimately ends up hurting all of us on a massive scale. Because along with our mobile numbers, financial accounts, and social media accounts, few things are as ubiquitous or persistent as our email addresses. They're the new social security number – how we identify ourselves online and typically the principal anchor for our digital identities. The brand damage associated with compromised email accounts is dramatic.
Takeway #3 AI is upping the game for both good and evil.
“Security is like playing whack a mole. It's all about iterating faster than the other side.”
– Anuj Batra, Vice President of Product Management, Yahoo
AI is everywhere, and the evolution we've seen over the past year is career-changing in the challenges it's creating for cybersecurity teams. AI is making it much harder to spot phishing emails or SMS messages written by non-native English speakers, for instance.
But AI can be a force for good. As our security network works to find the right balance between keeping things smooth for users and ensuring top-notch protection, AI promises perks for the customer experience. For example, think about a friendlier way for our customers to recover their accounts when they're locked out – there’s potential for AI to make it super easy for them to get back in.
Takeaway #4: SMS measurements need to happen at the mothership.
“SMS toll fraud is like this mystical hidden world of providers and routers and layers.”
– Nick Reva, Head of Corporate Security, Snap
SMS toll fraud is on an incredible trajectory. The Arkose Labs global intelligence network is seeing huge increases in attempted SMS toll fraud. And it’s not industry specific because anyone with an SMS workflow is subject to an SMS toll fraud attack by the new consortium of unscrupulous carriers, fraudsters, and cheap bots.
The attackers get a bunch of expensive toll numbers from the carriers, find the SMS workflow, pump in the bots and rake in the cash. They take their cut, and the carriers rake in the profits. Before working with Arkose Labs, one company was even considering halting operations outright in one high-risk country, despite the damage that might do to their global brand. Others have told us that their entire regional profits have been eviscerated by SMS toll fraud…wow, a profitable region hammered to the point of losses!
Part of what makes SMS toll fraud so dangerous is that our colleagues paying the bill assume that the registration process must be working when the SMS bill goes up. Our businesses must create a feedback loop that can tell when there’s a legitimate increase instead of, say, why suddenly all the registrations are coming from Kazakhstan or some other high-risk country.
Takeaway #5: Our network beats their network.
“We're looking to the community and the industry to help assess what our strongest tools to defend against this are.”
– Charles Kirk, Director of Engineering, Chime
The cybercrime network is a daunting adversary. But when the cybersecurity community teams up, we become a formidable force. All of us are better served when we're sharing information than if we're trying to do it on our own.
Here at Arkose Labs, our global intelligence network presents a broader view of the traffic and helps spot patterns at a level beyond what just one company can do. Side by side with our customers, our Security Operations Center (SOC) tackles problems head-on so we can proactively catch issues. And events like Arkose Accelerate, which bring together thought leaders and operators at the tip of the spear of protecting our businesses and our consumers, help us all share deep domain knowledge and expertise.
Bottom line, despite the quick evolutions in attack vectors and the persistence of our adversary, when we work together to federate threat data, implement the right standard of measure and review cadence, and implement best-in-class detect and challenge technology that operates at scale, we are unstoppable!
A huge thank you to our panel experts who are in the fight daily!
To find out more, watch the on-demand webinar Arkose Accelerate, The Network Effect in Cybersecurity!
Share The Blog
