New warning on IT for anti-fraud projects

Companies should store and analyse data about their IT systems to tackle fraud but not use their IT department to do it, according to Martin Sutherland, head of security at Detica.

Companies should build data warehouses based on the data usually discarded by IT departments. This data can be searched to find abnormal behaviour that could suggest fraud. ‘There’s not enough data mining being done like we see with marketing,’ he said.

‘From a fraud perspective this data is interesting because it shows when people log in and where and what they look at and print. It’s good for finding abnormal behaviour.’

Sutherland added: ‘Fraud is the cinderella part of the business – it doesn’t get the money but the marketing people do and they have some technology [CRM] that could be very interesting. The data warehouse should be used to record just about everything.”

But he warned that companies should not use their internal IT staff to set up the project because they could be party to fraud. ‘You should have a separate IT team to look after the projects,’ he said. ‘Internal IT people are a big risk. If you work in IT, you have the opportunity that most users won’t have. It’s not like they are bad or worse but they have the opportunity.’

Detica discovered one case where IT equipment was being ‘sold’ internally inside a multinational company. Although the equipment was only being moved from one division to another, the move was generating a commission for the sales people.

Detica found the same servers were being moved around constantly, generating commission as they went.

Sutherland said: ‘It was a fraud that need the collusion of the IT people but the benefit went to the sales people. It would be hard to see how the sales people could work it out for themselves. You needed to understand the mechanics at an IT level. We weren’t even convinced that the equipment existed in the end – it may have been sold on elsewhere.’

The National Hi-Tech Crime Unit has warned IT staff may become involved with organised crime, either through threats and kidnapping or by being paid to hack business systems.

Related reading

Life Belt with Computer Folders
HMRC banknotes