Rachel Wilson: Sleepless Nights and Cyber Threats

If you are someone who tends to shrug off cyber threats, just listen to Rachel Wilson. Your nights may be less restful.

Wilson should know about the dangers lurking behind your computer screens. She is the first-ever head of cyber security for Morgan Stanley Wealth Management and she spent years at the National Security Agency (NSA), where she spied on and hacked the computer systems of terrorists and other enemies of the United States.

She spoke to a packed house during the opening session of the 33rd Annual ACFE Global Fraud Conference in Nashville on Tuesday, and she didn’t mince her words about the rising risks we all face from fraudsters in this space.

“What we are up against is unlike I have never seen in my 20 plus year career in this space,” she said. “These are dire times, and I don’t think we have seen the worst of it yet.”

Here are some facts that keep a cyber expert like Wilson up at night.

NORTH KOREA’S FRAUDULENT FUNDING

North Korea may be cut off from the global economy amid stiff sanctions for its development of a nuclear program. But its government has other ways to fund itself — hacking banks throughout the world. According to Wilson, an estimated 7,000 people within the North Korean government are dedicated, full-time hackers. Many of them are recruited as young as 11 years old and are torn away from their families to be trained as bank hackers. That sort of dedication means that the so-called Hermit Kingdom has become very adept at this particular skill. Last year, the United Nations published a report supporting the allegations of 27 countries, which asserted that the North Korean government had targeted their central banks to the tune of more than $3 billion over the last three years. “All of that money went into their missile and nuclear programs — reasons why all of us need to be on our toes,” she said.

IRAN DISRUPTS

Iran does not necessarily hack for monetary gain, but it has found this to be an easy way to disrupt and attack its enemies, particularly the United States. Building a nuclear program or sailing an aircraft carrier into New York harbor are lengthy and expensive projects. But putting 40 hackers in a basement to wreak havoc through denial-of-service (DoS) attacks is simple and efficient. Iran did this between 2012 and 2014 to Wall Street banks, and could do it again if there are renewed tensions with the U.S., Wilson stressed.

CRIMINALS MOVE IN

But the real change over the past five years has been the entrance of criminals. They are now the predominant players performing this type of offensive cyber activity — and they are doing it purely for financial gain. Unlike the cloak-and-dagger operations that occur between nations, this type of fraud impacts us all. “Now 70% of this malicious cyber activity we see on the internet is financially motivated and coming after all of you in your corporate, professional and personal capacity,” said Wilson.

Who are these criminal hackers? Often, they are the same people who lend their expertise to governments in China, Russia and North Korea. Government pay may be poor, but these hackers can use their skills to supplement their income once they get home.

“This is essentially a democratization of very advanced cyber capabilities that are now available for sale and rent on the dark web,” noted Wilson. “These fraudsters are using these capabilities like our kids learn how to use new toys. They are watching YouTube videos and they are leveraging these capabilities that were once the bastion of nation states but are now broadly available.”

BE VIGILANT

At a time when we increasingly use computers and mobile phones for everything from remote working to banking to shopping, we must all be more vigilant than ever to potential fraudulent activity. However, many of us are unprepared to protect ourselves from the advances of cybercriminals.

Wilson recalled how one fraud examiner admitted to her that she still uses the same password she has used over the past decade, and she uses it everywhere. It is a habit that is all too common and can land you in trouble as fraudsters, who regularly buy stolen passwords on the dark web, know this all too well. That’s why password hygiene is so important, said Wilson, who recommends using a password management system.

And avoiding the internet altogether isn’t the solution, either. Wilson says that it is better to bank online, for example, rather than receive statements and send checks, which can be stolen and put to ill use by fraudsters. “We looked at all of the fraud that our customers experienced over the course of the pandemic, and we could reduce those numbers by a shocking 70% by simply getting rid of two particular pieces of paper: paper statements and personal checks,” said Wilson.

This year Wilson is also keeping a sharp eye on Russia. While it appears that the Russian cyberattacks many had expected in the wake of the Ukraine have failed to materialize, there may be more to this than meets the eye. “Perhaps some of the activity that we can’t quite put our finger on might actually be nation-state sponsored,” she posited. “The Russians have a long track record of covering up what are in fact government cyberattacks as criminal activity. And with the spread of cybercriminal activity this has been easier to do.”

Indeed, attacks that appear criminal may in fact be intended to hurt U.S. industries. As an example of this, Wilson notes that a year ago banks would have said that 30-40% of accounts opened on a particular day would be fraudulent. In the last four months, the volume of fraudulent account opening has hit 90-95%.

That means that operational costs to attend to fraudulent activity are becoming exorbitant. “If we are spending $10 to prevent $1 of fraud, who is winning? Certainly not us,” said Wilson. “If it has gotten to the point, as it did in February, where multiple large American banks shut down their online new-account-opening flow, that is effectively a denial-of-service attack. I don’t think it’s a coincidence that is happening at exactly the same time that you had millions of Ukrainian refugees seeking to open bank accounts in the United States.”

Food for thought.