Cyber crime: a war worth fighting


Steve Sawyer, Vice President of International Strategy at Digital Element

The problem with dependence on connected technology is it makes us vulnerable; not only to system failure, but also ghosts in the machine — and we’re not talking Casper. In the last year, 11 companies lost more than a billion data records in 13 breaches, 48% of consumers experienced a data breach, and cyber attacks cost the Asia Pacific region $1.7 trillion collectively.

As digitalisation has brought more everyday tasks online, copious entry points have opened up to digital criminals — and they have become increasingly adept at exploiting them. It goes without saying that battling cyber villains won’t be easy, but businesses can gain a fighting chance of success by shifting focus to the source of crime, not just the fallout.

Is the issue too big to fix?

Companies know that online attacks can damage business revenue and reputation; the latest ESET consumer survey shows 77% would feel negatively about a company after a breach – yet motivation to tackle the hackers seems limited. While Asia Pacific is especially susceptible — home to nearly a third of global digital crime — only 20% of IT and business decision makers view online security investment as a vital business differentiator, and one in five have opted to avert risk by delaying digital transformation efforts entirely.

The most likely reason behind these attitudes is that cyber hazards are now seen as normal and inevitable. Not only have major security incidents become daily headlines, but criminals are also considered too difficult to catch. They can use the web to launch ransomware, take over networks, and illegally access customer accounts via multiple devices — from anywhere in the world. And by leveraging masking techniques, they can do so anonymously. Tools such as Virtual Private Networks (VPNs), proxy servers, Tor networks and Domain Name Systems (DNS) allow malicious actors to disguise their real identity and falsify location.

But reliance on these tactics could be the key to unravelling crime networks and activities, if businesses take the right approach.

One-size-fits-all won’t work

It could be assumed that a fondness for proxies presents an obvious solution. If criminals are known to favour certain techniques, blocking any digital traffic using similar methods ought to be an effective fix. Except there is one crucial hurdle: not all proxy users have nefarious intentions. From anonymous browsing to remotely accessing corporate networks, VPNs are widely adopted by legitimate users for varied purposes, and a popular choice for enhancing online security and privacy; Asia Pacific alone accounts for two-thirds of overall VPN usage.

As a result, halting all VPN users isn’t practical; it increases the danger of real customers, or employees, being mistaken for fraudsters. That’s not to mention the fact it fails to uncover the root of cyber crime. To minimise risk and protect genuine users, companies must find a means of telling them apart — and one of the best tools for that job is IP geolocation.

Location as a crime-fighting tool

As most companies know, the point of VPNs is altering a user’s IP address. So, accurate IP tracing is the best way to unmask criminals — and the basic premise of IP geolocation. Of course, success depends on quality. IP data reliability can fluctuate significantly, especially if data is composed of patched-together publically available information. The most accurate platforms not only ensure third-party data is continually refreshed and anonymised, but also collated from premium sources. When combined with sophisticated traceroute technology, this means data can be harnessed to pinpoint location down to postcode level and gain deep insight about connection traits, such as proxy details, without personally identifying users.

What advantage does this offer?

Once location is identified, criminal detection can begin. At an initial level, this might involve assessing connection type. For example, a hosting centre is meant to be a vehicle for traffic, not a source. So, traffic that originates from it should be reviewed alongside existing records, such as data held in customer relationship management systems (CRMs). Much the same applies to proxies, VPNS and Tors; by evaluating what sort of proxy individuals are using against a premium proxy database, platforms allow firms to distinguish between trusted VPNs and mechanisms often associated with suspicious activity, such as encrypted ‘Tor exit’ gateways.

Going beyond connection characteristics, IP geolocation platforms also enable companies to run comparisons. With retail, for instance, this may include implementing smart rules; where IP location is automatically checked when log-ins are made from high-risk or unusual areas, or evaluated in line with an individual’s bill-to or ship-to address. Alternatively, companies can secure internal networks by tracking velocity patterns: highlighting dubious trends such as individuals who jump between locations at unfeasible speeds or in an illogical order.

Following analysis, businesses can choose their preferred course of action. Any suspicious activity that poses a low-level threat, for instance, can be flagged for additional investigation or confirmation: such as sending an SMS or email that allows users to verify its authenticity. Meanwhile, major threats can be instantly blocked to limit possible damage, prior to review. As well as reducing the likelihood of false positives, this discerning approach demonstrates to consumers that firms are committed to stringent crime prevention.

Connected tech has brought many advantages for companies and consumers; convenience, speed, and constant web access from anywhere. But they are not alone in enjoying these benefits. Criminals are exploring the possibilities ubiquitous connectivity creates, and getting better at infiltrating the machines we rely on. For businesses, this makes cyber crime hard to fight but underscores that the war is worth winning. To prosper in a digital world, firms must equip themselves with tools that identify the hallmarks of digital crime and use them to strip fraudsters of their anonymity without impeding real users, using location as their guide.

About the author

Steve Sawyer, Vice President, International Strategy, Digital Element

Steve is responsible for strategic development of the company’s IP Intelligence and geolocation products across the Europe and Asia-Pacific regions. Steve has been involved in the IP Intelligence industry for more than 15 years, with substantial experience in fraud, gaming and enterprise applications. Of particular note is his leadership in the expansion of business interests across the fast-growing markets in the APAC region, including work with local teams in China and Japan to develop opportunities for the company’s NetAcuity solutions. Steve’s career spans more than a decade in advertising and technology. He worked on the forefront of newspapers’ early online adoption, later moving onto online auction sites as technologies rapidly advanced, and then joining the IP industry in 2002.