“…they never attack the same place twice. They were testing the fences for weaknesses, scientifically. They remember.”
This quote is from the 1993 film Jurassic Park, where Robert Muldoon (played by actor Robert Peck), is explaining the intelligence of velociraptors enclosed in a state-of-the-art compound….
Cybercriminals aren’t physically confined in compounds, but they do have advanced technology at their fingertips, and they act in exactly the same way: testing your defenses and looking for weaknesses in your technology, processes and colleagues.
They do this by building a picture of you, like a jigsaw puzzle, determining your fraud strategy piece by piece. They’ll start at the edges, looking for quick wins… then they move to the center, perhaps seeking help from cohorts on the dark web offering guides on general jigsaw puzzles, or even the specific one you have.
Suppose we take away the puzzle box with the picture on it so they have no reference. Then we hide some of your pieces and throw in a couple from another puzzle…. By dynamically changing your strategy, your puzzle becomes harder to complete and the criminals must keep starting over, getting frustrated and eventually moving on to easier prey.
Letting cybercriminals through (but ring-fencing them along the way) means that more info can be obtained from them. With more data points available, machine learning, behavioral biometrics and other defenses become more effective because there is a more holistic view of specific criminal behaviors. Then, by comparing those behaviors with genuine customer activity, you become more effective at stopping crime and reducing false alerts.
Causing more friction is usually the last thing financial institutions want, however by increasing friction for fraudsters, you reduce their ROI, make them change their MO and ultimately become more desperate. And desperate people make mistakes.