Already no stranger to cyber-security, IBM announced Thursday that it was introducing new software and services aimed at new types of customers, like banks and insurance companies, to help them combat fraudsters who steal a whopping $3.5 trillion from them each year. And a good portion of that software is being supplied by Trusteer – the Israeli cyber-security firm IBM bought last year for about $1 billion.
Over the past decade, IBM filed 290 fraud-related research patents. But a new generation of cyber-criminals requires new cyber-solutions, the company said. For example, over 12 million people were victims of identity theft in the US alone in 2012 – with the scams costing them nearly $21 billion. “Each day the US healthcare industry loses $650 million due to fraudulent claims and payments,” the company said.
Those are the kinds of things Trusteer’s technology can help customers avoid, Trusteer CTO Amit Klein told The Times of Israel. Trusteer, established in 2006, is one of the largest security firms working in the online banking space, with customers like Bank of America, Société Générale, INGDirect, HSBC, NatWest, The Royal Bank of Scotland, and many more. It’s to companies like these and others that IBM will now offer advanced cyber-solutions for, said Klein, as Trusteer’s technology is enhanced to meet new threats.
There are several parallels between the new products and technologies IBM is offering and Trusteer’s products and technologies. For example, said Klein, “our products are able to detect when hackers are in a system,” said Klein. “There are specific points that you can check for anomalous behavior, and if you know what to look for you can ambush an attacker, and even find out where they are attacking from.”
Trusteer does this with a big data analysis of system activity, building profiles of normal and anomalous behaviors. In its announcement Thursday, IBM said that its offerings “aggregate big data across a variety of internal and external sources – including mobile, social and online – and apply sophisticated analytics that continuously monitor for fraudulent indicators. The new offerings feature advanced analytics that understand non-obvious relationships and co-occurrences between entities, new enhanced visualization technologies that can identify and connect fraudulent patterns closer to point of operation, and machine learning to help prevent future occurrence based on previous attacks and behaviors,” said IBM — precisely the kind of anomaly analysis Trusteer does.
Today’s attacks, said Klein, are more than one-shot deals. “Hackers today use techniques consistent with the Advanced Persistent Threat (APT) model,” in which hackers gain access to a server and, using various subterfuges, remain there for a long time. “They remain on the server and proceed slowly until they achieve their objective, whether stealing data or controlling a network. Trusteer’s products can root out those attacks on both the server side that is being attacked, as well as from the customer side, when a user’s system has been compromised by malware and is unwittingly being used to attack a server.”
While IBM has been providing enterprise security solutions for years, it hasn’t had as much experience on the consumer side of things, and Trusteer’s software is one of the vehicles IBM is using to reach those customers. “We have both client-side and server-side defense systems, so it’s easy to see why IBM would be interested in what we do. I think IBM is getting a significant footprint in the client side and consumer side, and this is important to them right now,” said Klein.
As part of its new offerings, IBM is providing a suite of security technologies and products to customers in various verticals; thus, it has products aimed at insurance companies, tax authorities, and corporate accounting departments, as well as banks, to root out fraudulent behavior, using technologies from Trusteer, as well as other companies IBM has acquired recently, with the company’s new counter fraud portfolio “built on the company’s unmatched R&D investments,” IBM said.
“With today’s news, IBM is applying many of the same tactics, techniques and procedures used by the intelligence and law enforcement communities to help commercial organizations take a holistic view of this growing and pervasive threat,” said Robert Griffin, Vice President, IBM Industry Solutions. “These technologies allow a line of business leaders to quickly adapt to emerging threats across the entire organization. Our new initiative puts Big Data and Analytics into the hands of those tasked with defending their organizations from financial losses, protecting the brand and delivering exceptional customer service.”