Each year, insider fraud costs organizations hundreds of billions of dollars. Traders, accountants, purchasing agents, programmers, and even executives could modify financial records, bank accounts, invoices, or payrolls for profit, personal gain or revenge.
|Why You Need Raytheon
Insider Fraud Damages Corporate Brand and Hurts the Bottom Line
At a bank, brokerage, or business, any tampering of financial records or data is an act of fraud. Each organization must be alerted to any signs of invoices, financial statements, or other records being doctored. Under the requirements of Sarbanes-Oxley act, executives must certify a company’s financial results and report on the effectiveness of internal controls over financial reporting. Many national and internal banks wire transfer billions of dollars daily. What would it take for a bank to catch an unscrupulous employee wiring $10 million into his own account? More importantly, what would prevent it from happening again?
Raytheon Monitors the Enterprise for Suspicious Behaviors
Raytheon ships with pre-built policies to detect suspicious behaviors, reporting on all user activities that might be leading indicators of potential fraud. Raytheon policies can be triggered to report and alert on anything that indicates unscrupulous behavior, such as:
Someone committing fraud will take great pains to hide his tracks or disguise what he is doing as legitimate activity. Only Raytheon’s rich incident documentation and video replay allow the administrator to easily distinguish ordinary events from potential fraud, minimizing false positives.
Raytheon Unravels the Most Sophisticated Fraudulent Actions
A bank’s computer programmer took advantage of his privileged access to logon remotely to a branch manager’s desktop and installed a keystroke logger program to collect all keystrokes. Once the branch manager logged back on to her desktop, he successfully captured her user ID and password and copied it to a network file share to retrieve later. He then remotely accessed her desktop to copy and encrypt the account number and password of a major corporate account, representing billions of dollars for the bank. He then uninstalled the keystroke logger from the branch manager’s desktop and removed the event log for the entire sequence to cover his tracks. Although his intent was to divert funds from the hijacked account to his own, specific policies the bank had put in place using Raytheon revealed the programmer’s remote logon to the branch manager’s desktop. Further reporting tracked his installation and removal of the keystroke logger, his copying and pasting activity to a network server, and his emailing encrypted information after business hours. Raytheon’s sophisticated policy engine monitored, captured, reported, and triggered on all of the above seemingly-isolated events for targeted investigation, and the bank was able to step in before any damage occurred.
With Raytheon SureView Replay, the entire sequence of the programmer’s actions put everything into context. The detailed collection of all activity and data provided not only powerful evidence and grounds for prosecution but also the insight to deploy policies to proactively monitor for similar behavior across the enterprise.
Raytheon Monitors Fraud & Theft
SureView captures all endpoint activities and logs minor modifications to any documents. Isolated activities are correlated and brought into video-like replay to evidence fraud and collusion.
Raytheon Services will help design specific policies, train internal staff to spot leading indicators, and assist in investigations.