There are three types of people in the world. One that will look for any opportunity to commit fraud, the second will commit fraud if it looks easy and he could get away with it and the last a person that will commit fraud to make his family survive. Systems do not commit fraud, it is the human factor that needs to be addressed as part of the controls.
If you commit fraud, time is against you… You will get caught.– Mervin Pearce
The term ‘Ghost in the Machine’ refers to the unknown threat in your environment which can be a bad actor or even an application such as a Trojan Horse or other malware. There are a few ways to mitigate your risks, however if you are specifically targeted, standard defenses usually do not protect you against unauthorized access, destruction or disclosure.
Subjects (Users, Applications) and Objects (Resources, Databases, networks, etc) needs to be monitored for unwanted and spurious activity. Exceptions need to be investigated and then the system fine tuned as close as possible to real-time. Logging this to a separate big-data system, User Behavioral Analysis is possible.
As we perform investigations, we also make sure that proper evidence is generated and collected where it was lacking. It is not directly applicable to the current investigation but will make an organisation ‘Forensically Ready’. If users know that they are being monitored, they will be less tempted to commit fraud.
The primary objective of a fraud investigation is to ensure that the evidence gathering process is done as quick as possible and within a legal framework. We work from volatile to non-volatile and would perform the victimology at a later stage.
- The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the information
Contact SACS for a brochure on Fraud Monitoring, Management & Investigations.