Tag Archive for: automation

The Automation of Fraud Attacks

/in


The need for automation of fraud attacks

Legitimate enterprises take advantage of automation to handle repetitive, yet business-critical tasks. They pay top dollars for skilled engineers to build and maintain automated business logic. Fraudsters do the same and commonly leverage botnets to automate part of the workflow that will lead to a successful fraud attack. I even occasionally see legitimate-looking job ads with very competitive salaries, targeting employees of companies that offer bot management products.

Over the years, fraudsters have perfected the art of automation of fraud attacks and on occasion, they go as far as taking advantage of artificial intelligence. Automation is commonly used in the following use cases:

  • Credentials stuffing, also known as credentials enumeration or account checking, is one of the steps that can lead to a full account taken over
  • New accounts creation, which are then reused for various fraud schemes 
  • Gift card enumeration attack against a gift card balance application on an eCommerce web site to steal the credits available
  • Posting Spam content on a forum or review boards

A successful attack on the above use cases requires sending tens of thousands of requests, which cannot realistically be done manually in a cost-effective manner. Just like any regular business, fraudsters always look for ways to scale their operations to maximize their profit. 

Botnets business logic

Botnet sophistication has continuously evolved over the years to defeat bot management or fraud detection products that are now commonly protecting major websites’ most critical endpoints. Global botnets with tens of thousands of nodes with each node sending a limited number of requests per hour (or per day) closely mimicking a legitimate user behavior have become the norm. 

Fraud detection products like Arkose Labs deploy JavaScript on the client-side that collects attributes about the browser and the device, often referred to as a fingerprint. The data collected is evaluated on the server side to differentiate the good from bad traffic. One of the most common techniques fraudsters implement in their botnet to defeat detection is to randomize some of these attributes….

Source…

IT Security Leaders Prioritize Investments in Automation, Zero Trust and API-based Security to Protect a Rapidly Transforming IT Ecosystem

/in


Global Independent Study of 500 Senior Level Respondents Provides Clear Picture for the Future of Network Security

Dallas, Texas | March 23, 2021 | – Distinct priorities have emerged when it comes to responding to the needs of IT security’s rapid transformation, independent research sponsored by FireMon has found. The survey of 500 cybersecurity leaders across North America and EMEA uncovered the key investments organizations are making, and the rationale behind their decisions.

“The study shows that a cocktail of multiplying threats, the proliferation of hybrid and cloud architectures, blended with a pandemic-fueled explosion in distributed and remote work has created a perfect storm for network security teams,” said Satin H. Mirchandani, President and CEO of FireMon.  “It’s no wonder that they’re adding new technologies, architectures, and approaches to ensure their networks remain protected.”

The survey identified five major areas for network security investment:

  • Automation – More than 50 percent of organizations are currently investing in automating policy management to safeguard against inefficient and risky functions and 79 percent say they’ll implement security orchestration and automation within two years to improve agility and responsiveness.

  • Zero Trust – 45 percent of organizations plan to implement a Zero Trust in the next 12 months, adding to the 17 percent of organizations that have already begun this process. The biggest drivers are a greater need for secure remote access (72 percent), reducing cybersecurity risk (70 percent), and supporting the transition to cloud architectures (51 percent).

  • Secure Access Service Edge (SASE) – 85 percent of organizations have either already implemented a SASE platform or plan to do so within two years.

  • Security-Development Misalignment: 82 percent of IT leaders admit their application development (DevOps) and network security operations teams are not well aligned.

  • Heterogeneity and Integration: With growing complexity and heterogeneity, 95% of respondents are concerned about the lack of integration of network security platforms and their IT infrastructure.

From an automation perspective,…

Source…

Mavenir extends AI and analytics portfolio to enable optimization, automation and security of mobile networks

/in


Mavenir extends AI and analytics portfolio to enable optimization, automation and security of mobile networks

Mavenir, the industry’s only end-to-end cloud native network software provider and a leader in accelerating software network transformation for communication service providers (Communication Service Providers , CSPs), today announced its extended portfolio of artificial intelligence (AI) and analytics to enable closed-loop automation and drive digital transformation.

Mavenir’s AI / ML-based security and anti-fraud solutions are taking care of Telefónica Argentina’s continued revenue savings”

AI and machine learning (ML) in the mobile network infrastructure are expected to reduce costs by automating functions that normally require human interaction, and to accelerate new revenue-generating service offerings, becoming increasingly important as open radio access networks (Open RAN) and 5G cores are deployed.

Mavenir’s AI and analytics portfolio includes solutions designed to analyze and derive inferences from large amounts of unstructured data to automate networks, achieve cost savings and build 5G use cases. Many Industry 4.0 use cases, such as Intelligent Video Analytics and AR / VR, are powered by 5G which require AI-based inferences at the tip. Mavenir’s portfolio includes these AI-enabled applications for network automation, intelligent operations, EdgeAI and network security.

  1. Network Automation: Mavenir’s RAN Intelligent Controller (RIC) and Network Data Analytics Function (NWDAF) follow the specifications introduced by the O-RAN Alliance and 3GPP and operate at the heart of a network automation vision. RIC and NWDAF allow the network to dynamically adapt to traffic conditions, using machine learning (ML) based algorithms and applications that can be deployed on any network in a multi-vendor environment. Mavenir’s containerized RIC and NWDAF product features include:
  •    Non-RT RIC: designed to host advanced ML algorithms (rApps) to optimize network performance and train ML models using long-term RAN data for dynamic and adaptive policies to optimize RAN performance.
  •    Near-RT RIC: designed to host trained AI / ML models (xApps) to infer and control functional O-RAN elements in near real time.
  •    NWDAF: designed to…

Source…

DARPA's Cyber Grand Challenge: Expanded Highlights from the Final Event

/in