Fraud News Update 03.24.17 – This week’s edition features: Academic Fraud (bogus journals and editors), Cybersecurity Strategy (is the best defense a good offense?),Wrongful Birth (crazy sperm?), Dormant Data (sleeper cells sitting on it), Executive Concern (Employees Sending Data to Wrong Person) and Highlights (from our recent social media feed).
As leaders in the fraud consulting arena, read on for more topical information and our insights, observations and unique commentary on some of the weekly fraud news stories.
Like our content? Feel free to share Fraud News Updates with your network or colleagues.
Last week my middle school age son came home asking for help on an in class presentation he and four other students were doing on academic fraud.
Of course, after a little questioning, I determined that his definition of academic fraud was a bit different from my initial interpretation, which was leaning more towards plagiarism and faked research-scientific study results.
Come to find out, he was talking about people impersonating professors, which for all intensive purposes roughly translated to con men (or women) and interestingly the name he was tasked with researching had pulled off this feat at no less than five places.
Today, however, comes another, interesting take on academic fraud: fake editors, publishers and publications. See how several academics called these bogus practices into question using a research study to highlight the shady publishing practices and credential fakery going on in academia today.
Is the Best Defense a Good Offense?
Well, that’s how the old adage goes. While some folks currently subscribe to this philosophy, others clearly do not and are more hesitant to implement offensive counter attack measures.
One things certain, experts definitely do not agree and there’s certainly a lot of debate about “hacking back” as part of your corporate cybersecurity strategy. Does going on the offensive make good sense for your business or does that open up a whole new can of worms that your legal department would just as soon avoid?!
This piece examines the question in a bit more detail along with dialog about proposed cyber legislation. Totally get why some folks like the offensive minded, “attack back” strategy but not sure yet how it plays out in corporate America at the moment.
Legal departments, however, are currently utilizing the Computer Fraud and Abuse Act (CFAA) as an offensive tool in certain situations for civil litigation.
Wrongful Birth Cases
I guess this is what happens when you mess with the human process, or more specifically genetics.
In reviewing some of the discussions about lawsuits filed, it would appear that people utilizing sperm bank services are really seeking the perfect specimen (pun intended!). So much for meeting someone in person and doing your own due diligence.
Now, recipients clearly want to know more about the donor’s genetics and background, placing the onus for donor backgrounds squarely on the sperm bank. That brings up an interesting hypothetical question. If a donor lies about their background, whose responsibility is it? The people collecting the sample or the donor?
I guess that’s what courts are for.
Many years ago, corporate investigations units learned that it was not that unusual for foreign entities involved in data theft to sit on the data for as long as ten years before using it.
Then, we entered the more recent massive data breach era and studies have shown that there isn’t a long amount of time between theft and the stolen data starting to hit for profit black market and underground carder sites. In fact, it might only be a matter of hours vs. days or weeks.
Now, however, thanks to recent global terror events, we know more about “sleeper cells” and their methods of operation. Sleeper cells not only lie dormant until activated but a recent study suggests that they might treat stolen data in the same manner, sitting on it until needed versus using it more immediately. The data could be aged by these groups for weeks, months or even years contrary to what’s occurring in the current data breach era.
Concern: Employees Sending Data to Wrong Person
Most businesses do it. They spend more time worrying about outsiders getting in than insiders making costly mistakes.
A recent survey highlighted the concern that most senior executives have…that employees will errantly send out confidential information to the wrong person. The concern might not be that farfetched as 60% admitted that they, or someone they know have sent out information to the wrong person.
So, perhaps as much, or more, attention needs to be paid to internal training, policies, document security and controls as that which is currently being paid to keep the foxes out of the hen-house. Paradigm shifts might be in order here.