Enterprise fraud will increase in the next year, according to the latest report from the anti-fraud command centre...
(AFCC) of RSA, the security division of EMC.
Cybercriminals are just starting to realise the wider benefits of information that can be stolen from businesses, the AFCC said.
Criminals are moving beyond theft using stolen credentials, said Sam Curry, vice-president of product management and strategy at RSA
"Exploitation of intellectual property, business plans and other enterprise information such as e-mail addresses is evolving rapidly," he said.
E-mail addresses for top executives at US corporations can be sold for up to $50 each, which means an increase in targeted phishing attacks is likely, the AFCC report said.
This evolution is being enabled by the collaborative fraud-as-a-service information-stealing infrastructure that has been established using state-of-the-art technology.
"Cybercriminals are able to innovate much faster than legitimate business because they do not have any inhibitors like regulatory audits," said Curry.
Cybercriminals target online businesses in all sectors and are able to adapt more quickly than ever with advanced crimeware, the AFCC found.
The best defence, said the report, is a combination of multi-factor authentication, activity and transaction monitoring, and an understanding of the threat landscape.
Organisations can better identify their vulnerabilities to prevent or mitigate attack by developing a broad knowledge of potential threats, the report said.
This is best done through industry groupings where security and risk specialists can share information and understand each other within companies and across company boundaries, according to Curry.
Companies should not attempt to go it alone, but should instead understand who they can work with and collaborate to benefit from lessons learned elsewhere.
"The notion that you have to build it all yourself or that you stand alone is a false one. Fortunately, organisations are starting to think differently about problems and work collectively," said Curry.