Earlier this year, a hacker broke into a Capital One server, gaining access to 100 million Capital One customer accounts and credit card applications. The personal information that the hacker obtained included information from credit card applications and accounts: credit scores, credit limits, balances, payment history, and contact information.

The hacker was able to access this data because Capital One had misconfigured an Amazon server. It’s an unfortunate turn of events for the company, which had announced its aggressive strategy of not only creating new applications in the Cloud, but also moving all existing applications to Amazon Web Services (AWS). Data security was a key reason for Capital One’s decision to move to AWS. Yet the cause of this data breach was a common vulnerability: people.

Breaches and hacks are inevitable

Since it is nearly impossible to ensure that people always follow all of the correct procedures without error, hacks and breaches will continue to happen. Strong data security measures are required not only for preventing information security (InfoSec) threats, but also for identifying, minimizing, and addressing hacks in progress. Data science has become a necessary tool for InfoSec experts in the related fields of fraud detection, data security, anti-money laundering (AML), and the prevention of other forms of nefarious activity.

Essentially, data science techniques find anomalies in behavior that are suspicious:

  • Data security – data science uses logs from firewalls, networks, and applications to find unusual volumes of traffic and the atypical behavior of network intrusions.
  • Fraud detection – data science uses transactions, claims, and other financial records to find unusual patterns, like unusually large transactions or oddly timed transactions outside of the normal pattern.
  • Anti-money laundering – data science finds unusual patterns in the “placement” stage of money laundering; in this step, a criminal “places” ill-gotten gains in some legal form in the financial system. Deposits are suspicious when they are consistently below dollar thresholds that would have triggered a bank to complete Suspicious Activity Reports (SARs), for example.
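
To make the data security bullet concrete, here is an added example (not code from the original article) that scores each host's hourly outbound traffic against that host's own baseline using a median/MAD modified z-score. The log format, addresses, byte counts, the 3.5 cutoff, and the 5% scale floor are assumptions chosen for illustration.

```python
import statistics
from collections import defaultdict

# Constructed firewall log lines (not real data): hour, source host, outbound bytes.
SAMPLE_LOG = """\
2019-07-01T01 10.0.0.5 1180
2019-07-01T02 10.0.0.5 1240
2019-07-01T03 10.0.0.5 1195
2019-07-01T04 10.0.0.5 1310
2019-07-01T05 10.0.0.5 1225
2019-07-01T06 10.0.0.5 950000
2019-07-01T01 10.0.0.9 910000
2019-07-01T02 10.0.0.9 905000
2019-07-01T03 10.0.0.9 921000
2019-07-01T04 10.0.0.9 899000
2019-07-01T05 10.0.0.9 915000
2019-07-01T06 10.0.0.9 908000
2019-07-01T06 10.0.0.7 400000
"""

def parse(log_text):
    """Group (hour, bytes) observations by source host, skipping malformed lines."""
    per_host = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[2].isdigit():
            per_host[parts[1]].append((parts[0], int(parts[2])))
    return per_host

def find_volume_anomalies(log_text, threshold=3.5, min_samples=5):
    """Return (host, hour, bytes, score) where a host deviates from its own baseline."""
    anomalies = []
    for host, obs in sorted(parse(log_text).items()):
        if len(obs) < min_samples:  # too little history to define "normal" (10.0.0.7)
            continue
        values = [b for _, b in obs]
        med = statistics.median(values)
        mad = statistics.median(abs(v - med) for v in values)
        scale = max(mad, 0.05 * med, 1.0)  # assumed floor: flat baselines cannot divide by zero
        for hour, b in obs:
            score = 0.6745 * (b - med) / scale  # modified z-score (median/MAD based)
            if abs(score) > threshold:
                anomalies.append((host, hour, b, round(score, 1)))
    return anomalies

if __name__ == "__main__":
    for hit in find_volume_anomalies(SAMPLE_LOG):
        print(hit)
```

Only the 950,000-byte hour from 10.0.0.5 is flagged; 10.0.0.9 moves a similar volume every hour, so a single global byte threshold would have alerted on normal behavior while a per-host baseline does not.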

Hackers evolve their techniques

Even a solid data security regimen is vulnerable over time. When faced with a new advance in data security, fraud detection, and AML, hackers invent new ways to penetrate systems, using both high-tech and low-tech approaches to develop new techniques for the next data breach. As innovation increases in technology, new vulnerabilities emerge. As new policies and practices are adopted, hackers find new ways to compromise systems.

Data science evolves, too

Fortunately, data science-driven anomaly detection does not care about the new technology and practices: these techniques are concerned with finding unusual behavior. As long as hackers and their malware do not always act like everyone else, machine learning techniques for data security, fraud detection, and AML will eventually find suspicious behavior.

In addition, InfoSec experts deploy deceptions—targets that look inviting to a hacker—in the network to observe and learn from hacker behavior. Advanced techniques also learn from new data caused by new behavior to continuously train models to address new threats.

Syntelli is your partner in data security. Our data experts are skilled in advanced techniques for safeguarding data and keeping your business operations secure.