Call of duty: Fighting cyber-crime in the capital markets comes down to AI
Call of duty: Fighting cyber-crime in the capital markets comes down to AI
Currently a war is brewing around the subject of artificial intelligence (AI). Some think it is a danger to society that will affect jobs in the future. Others see it as a force for good, with the power to protect the world against increasingly sophisticated threats. One industry taking the latter view is financial services, particularly in the function of capital markets. 

The devastation caused by cyber-attacks 

According to a study published by the International Organisation of Securities Commissions' (IOSCO) research department and the World Federation of Exchanges Office, around half of the world's securities exchanges were the subject of cyber-attacks last year. The most common method was Denial of Service attacks, which seek to disrupt websites and other computer systems by overwhelming the targeted organisations' networks with a significant amount of computer traffic, and viruses. However, other theft forms reported by the group of exchanges that took the study were website scanning, data theft, and insider information theft. 

Interestingly, none of the exchanges reported financial theft as part of the attacks, however, this, and the threat of large-scale systemic damage, is becoming an increasing possibility, as cyber-criminals adopt more complex and sophisticated methods of attack. 

As cyber-criminals get smarter, the cost of attack is also expected to grow; there is currently limited data on the costs of cyber-crime to securities markets, but the estimation range between US$ 388 billion to US$1 trillion (£286 billion to £738 billion. These costs commonly extend beyond exchanges to the companies listed on them. 

Cognitive computing: how technology is being used to fight back

Surprisingly, there can be positives from cyber-attacks. Companies are more clued-up and prepared from a technology and process perspective on how to cope with the damage they inflict. Some are even going the extra mile to implement new technologies – made up of AI – in order to combat threats more effectively.

An example of using AI for cyber-security in the fiance sector is SIX' rsecurity operations centre (SOC) in Switzerland serving both the Swiss Financial Market and SIX itself. Built using IBM's cognitive computing platform, it aims to help banks tackle cyber-issues whilst complying with strict financial regulations. The network is accessed over a billion times a day and over 30,000 times per second during peak times.

It works by detecting correlations in users accessing their networks and notifies security analysts at the SOC-  who are on standby 24/7 – of suspicious activity that could indicate a potential security threat. The analysts then determine whether the activity has stemmed from a hacker or a genuine error, like someone forgetting their password numerous times.

IBM's Watson technology then compares this potentially suspicious access activity with external data. It analyses factors like where login attempts are coming from, whether they match known attack patterns and if a previous offenders' name appears.

Watson for Cyber Security is different to previous technology. An analyst does not need to spend hours scanning through databases for this information. Instead, the technology can do it in real-time and can analyse unstructured data, such as websites or blogs, to bolster and grow its understanding of new threats and specific incidents.
Having already absorbed over a million documents and being trained in the “language” of cyber-security, it has been able to help analysts dissect a number of natural language research reports that require AI-based technology which have been inaccessible in the past. This in turn has helped analysts to stop attacks much quicker.

Going beyond traditional methods

Using graphics, Watson for Cyber Security also depicts network access activity. The visuals reveal correlations that would otherwise be hidden and difficult to understand with just raw data alone. Analysts then use visualisations to scrutinise data more deeply, allowing for faster and more accurate attack detection. It's hoped that in time, the tool will learn how to devise defence recommendations on its own, not just detect activity as it does now.

Adapting to the new world

The lucrative rewards have made the financial services sector an attractive target for cyber-criminals. The entire industry has a responsibility to act as one to fend off the increasingly growing threat that is not just presented to them, but also to the wider group of business and society, they represent. By using pioneering technologies such as AI, there is a much higher chance that the issues can be controlled before they get out of hand. But if these warnings are not observed, a systemic global catastrophe lurks in the shadows. 

Contributed by Daniel Dahinden, head of corporate development at SIX Securities Services

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media.