Digital crime in 2015: Industry predictions - fragmentation, specialism and big data

Published: Mon, 29 Dec 2014 by Rad

The past five years have seen an increasing industrialisation of the cyber criminal marketplace. Specialisms such as malware authoring, counter-AV testing, exploit kits, spamming, hosting, money-muling, and card cloning are becoming miniature markets of their own. Crime as a service is a reality, lowering the barrier to entry for budding criminals and fuelling the growing threat, year after year.

Law enforcement action has done well to date by focusing on the big problem sets and causing significant disruption to these activities. In 2015, BAE Systems Applied Intelligence anticipates these efforts will cause a fragmentation in the market as criminal actors split into smaller units using newly developed and more resilient capabilities. We believe this will present a greater challenge for the security community. We also see the need for law enforcement to find ways to drive efficiency and automation into their intelligence collection and analysis work streams. This should enable them to ramp up the number of simultaneous investigations and make disruption a ‘business as usual’ activity.

Hyper regulation

In the context of millions of dollars in fines, financial institutions now have an imperative to actively search out criminals such as money launderers, rather than simply being compliant with regulatory guidance. We believe more organisations will hire more big hitters from the law enforcement and national security world to show they are serious about stopping the criminals.

Building in security from the start

One of the most disruptive forces in the coming generation will be the growth in interconnectivity of machines, data, and people. Known as the “Internet of Things” (IoT) or the “Internet of Everything” (IoE), this disruption is expected to bring us the next industrial revolution whereby automation and orchestration of many tasks in manufacturing, retail, transport and the home lead to greater efficiency and massive productivity gains. Little stands in the way of this advance in technology; however security professionals are already voicing concern about both the systematic risks of greater connectivity, as well as the risks to life with machines such as cars and medical equipment becoming part of the connected world.

"We anticipate that 2015 will see increased focus on building in security-from-the-start for the next industrial revolution; security professionals will be tasked with finding solutions for protecting critical systems and national scale infrastructure."

Significant deception efforts

Cyber threat reporting and public whitepapers have grown in regularity and prominence during 2014. One of the key parts to a contemporary threat report is attribution – the small details in the code and attack behaviour which give away clues as to the perpetrators of attack campaigns. What should be a scientific process is still more of an art, with technical indicators mixed in with contextual information and cultural references providing hints which are picked up by researchers. Attackers read the resulting public reports as well, we can see evidence of this from the shifts in behaviour which occur immediately afterwards

Big data on the rise

We anticipate 2015 to be crunch time for Big Data crunching – where those who are still running at the prototype phase are expected to deliver more towards specific business use-cases to justify continued investment. This will focus minds from ‘getting more data in’ to ‘getting more out of existing data’. There will be a shift from technologies which enable storage and basic reporting to those which enable meaningful intelligence to be extracted. Use-cases such as network monitoring, fraud-detection, and security analytics will be popular – driven by the increasing overlap between cyber threats and other risks and more focused board-level attention on managing cyber security across the business.

Predicting crime with Big Data

Crime has patterns just like everything else humans do when we're viewed as a large enough group. Thus, while individual behavior can be hard to predict, determining the average behavior of a population and then matching individuals to that template to determine “fit” can be surprisingly accurate.

This is the world of predictive analytics; the scientific version of a crystal ball. Instead of peering into a glass globe you peer into (ideally) massive amounts of data and using Big Data mining techniques such as statistics, modeling, and machine learning you look for patterns that are indicative of current or future behavior.

The main contribution of the proposed approach lies in using aggregated and anonymized human behavioral data derived from mobile network activity to tackle the crime prediction problem. While previous research reports have used either background historical knowledge or offenders' profiling, our findings support the hypothesis that aggregated human behavioral data captured from the mobile network infrastructure, in combination with basic demographic information, can be used to predict crime. In our experimental results with real crime data from London we obtain an accuracy of almost 70% when predicting whether a specific area in the city will be a crime hotspot or not. Moreover, we provide a discussion of the implications of our findings for data-driven crime analysis.

Our previous news stories