PYMNTS-MonitorEdge-May-2024

Using Intelligence To Outsmart Cyberthieves

Business Intelligence processes go beyond finding out who’s buying what. In some cases it’s crucial that smaller B2B companies use BI in the never-ending war against cybercrime. Here’s why.

Intelligence is key in any business process, but perhaps among the most urgently necessary when it comes to protecting an organization and its data. And IntSights, which is fresh off a $1.8 million funding round that will help the Israel-based company expand in Europe and the U.S., is at the front lines of the battle.

In a conversation with PYMNTS, Alon Arvatz, the company’s chief product officer, noted that cyberintelligence represents a “critical layer to prevent cyberattacks, as the information we find can drastically decrease the odds” of an attack occurring and finding the initial indications of an attack and their severity levels are among the most important pieces of the puzzle in short-circuiting hacker attacks. As Arvatz noted, “every cyberattack begins on the reconnaissance stage, when smart hackers plan their offensive” before ever mounting an effort to breach the perimeter of an enterprise’s network.

And hacking seems to be egalitarian, at least when it comes to the size of the enterprise under attack. Arvatz said that despite some research that points to smaller firms being more favored as hacking targets, IntSights’ experience has found that, as the firm witnesses hacking across certain types of technological maneuvering and across regions, “from our point of view, it’s obvious that big companies are marked as a specific target by hackers a lot more than small ones. There is more public interest in them, and therefore more people that are unsatisfied with their behavior.”

But, Arvatz continued, “having said that, we are witnessing a lot more hacking activities by ‘opportunist hackers.’” That type of hacker, as Arvatz elaborated, “is one who would hack for fun or for gaining financial information, rather than hackers who target a specific company.”

And it is the “opportunist hackers” that will look most often for smaller prey. They will look for the weaker targets, said Arvatz, as those are the less technologically savvy and are easier to hack (and the hackers themselves may not be inclined to consider other factors). “Since big companies are usually more aware and invest more in security, these hackers will focus more on small companies.”

And in one illustration of how hackers may go after unsuspecting targets via email and focus on the payments side of a business, a scam has emerged that involves cyberthieves posing as legitimate suppliers and issuing fake invoices to be paid. Arvatz noted that that scheme was the subject of a public service announcement from the FBI.

“This type of attack is definitely on a rise,” said Arvatz, who stated that IntSights has been detecting “dozens” of fake domains registered weekly, chiefly for the purpose of sending fake emails and luring potentially lucrative data away from targets. This type of “social” targeting is becoming more widespread as companies spend more time and effort combating viruses, malware and denial-of-service attacks and have been strengthening traditional forms of cybersecurity.

But what happens when an attack truly hits home and infiltrates a company’s best defensive walls? Arvatz told PYMNTS that IntSights steps in at this point to recommend appropriate courses of action, with one feature coming in the form of “one-click” remediation through a dashboard function that helps put the IntSights team in control, remotely, which helps with the removal of threats. And the contact that IntSights makes extends to the third parties who may have gotten a hold of the stolen information — “and in that way we operate in the different websites and pastebins, as well as in the social media pages,” said Arvatz.

PYMNTS-MonitorEdge-May-2024