Six Cyber Fraud Predictions for 2020
As long as fraud is profitable, breaches will occur.
Last year was a banner year for cyber fraud. In just the first six months of 2019, more than 3,800 breaches exposed 4.1 billion records, with 3.2 billion of those records exposed by just eight breaches. The scale of last year’s data breaches underscores the fact that identity has become the currency of the digital world and data is the fuel that powers the digital economy. What’s also clear looking back on 2019 is that digital identities are continually being compromised on multiple levels.
Combating digital identity fraud is a never-ending challenge, in large part because fraud itself isn’t static. Cyber crime and cyber criminals are always evolving, with attack trends, patterns and targets shifting depending on the current digital economy. With so much in flux and a new year already underway that’s sure to bring new challenges of its own, proactivity is key. The more organizations can anticipate future fraud-related obstacles, the better their offense will be. As such, below are six predictions to keep in mind when updating cyber defense strategies for 2020 and beyond:
Fraud will increasingly fund terrorism. In the year ahead, there will be an increase of fraud and cyber attacks being used to fund terrorism around the globe. As organizations increase their level of insight into the interconnected fraud and organized crime ecosystem, more cases will be uncovered where proceeds from fraud rings are directly and indirectly bankrolling terrorist activity.
Social media will continue to be weaponized. Fraudulent activity and computational propaganda will play a major role in the increasingly polarized political landscape across the globe and in the U.S. presidential election. Election meddling attempts will lead to widespread abuse on social and communication platforms, leveraging sophisticated bots to disseminate misinformation at scale.
New geographical fraud hubs will emerge. The impact of social unrest and regional economic strain will lead to shifts in the levels of fraud originating from certain regions worldwide. Southeast Asia will continue to be a major hub for fraud, alongside a rise in the incentive levels among individuals in South American countries who have been caught up in recent political and economic turmoil.
Digital identity corruption will inspire new fraud prevention strategies. Digital identities have been corrupted at scale and fraudsters have become skilled at bypassing fraud detection systems using their knowledge of the parameters used by organizations. This will lead to many organizations reassessing their fraud prevention strategies, as they deal with the growing gray area between trusted behavior and what is recognized as fraudulent.
Fraud orchestration will reach new levels of complexity. Fraudsters are playing the long game, taking the time to organize sophisticated attacks that don’t initially reveal their fraudulent intent. Multistep attacks mean that the monetization opportunity for a fraudster is not always apparent, making them significantly harder to detect and requiring organizations to carry out more sophisticated anomaly detection across the entire customer journey.
Single request attacks will surge. Fraudsters will leverage next-generation tools to masquerade as legitimate consumers, using single request attacks to obfuscate digital identifiers such as Internet protocol address and device fingerprints. This year will bring more attacks that do not display traditional telltale signs of being connected to fraud—requiring more robust authentication steps to protect organizations from fraud.
Perhaps most importantly, a key theme for 2020 is that as long as there is money to be made in fraud, breaches will continue to occur. The solution across all industries, then, lies in defenses that directly attack the return on investment available to fraudsters. By devising cyber defense strategies that undermine the financial incentive of both lone fraudsters and organized crime rings, organizations stand a chance in the perpetual fight against cyber crime.
Kevin Gosschalk is CEO, Arkose Labs