LEVERAGING OPEN SOURCE INTELLIGENCE (OSINT) TO COMBAT FRAUD



Similar documents
The following contains only Unclassified Information. Tyson Johnson

Unlocking The Value of the Deep Web. Harvesting Big Data that Google Doesn t Reach

ISOLATE AND ELIMINATE FRAUD THROUGH ADVANCED ANALYTICS. BENJAMIN CHIANG, CFE, CISA, CA Partner, Ernst and Young Advisory Singapore

Online Reputation Management Protecting your Brand & Reputation In The Digital Marketplace

Addressing Big Data Security Challenges: The Right Tools for Smart Protection

ORACLE SOCIAL ENGAGEMENT AND MONITORING CLOUD SERVICE

Accenture Risk Management. Industry Report. Life Sciences

Trademark Protection

The Informatica Solution for Improper Payments

Understanding the Deep Web in 10 Minutes

Fraud Solution for Financial Services

Managing the Risk of Fraud in Outsourcing. Fernando Cancino, CFE, CIA

Medical Information Role in the Pharmaceutical Industry

Checklist. davies.com.au

Discover more, discover faster. High performance, flexible NLP-based text mining for life sciences

A. Background. In this Communication we can read:

Integrated Finance, Risk, and Profitability Management for Insurance

How To Create An Insight Analysis For Cyber Security

IBM Global Business Services Microsoft Dynamics CRM solutions from IBM

Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath

Strategically Detecting And Mitigating Employee Fraud

V E N D O R P R O F I L E. F i c s t a r : S i m p l i f y i n g W e b D a t a E x t r a c t i o n I D C O P I N I O N

WINNING STRATEGIES FOR THE DISTRIBUTION INDUSTRY. Effective Inventory Analysis By Jon Schreibfeder. >> Compliments of Microsoft Business Solutions

Symantec RuleSpace Data Sheet

How To Prevent Fraud Through Ad Verification

An Analysis of the Most Infringed Terms within Domain Names

TECHNOLOGY YOU CAN USE AGAINST THOSE WHO USE TECHNOLOGY FRAUD ANALYTICS: TAKING DATA ANALYSIS TO THE NEXT LEVEL

IBM Solution for Pharmaceutical Track & Trace

In-Depth Understanding: Teaching Search Engines to Interpret Meaning

Capture intelligence that matters

Digital Marketing. SiMplifieD.

Mass Marketing Fraud Affecting Canadian Businesses

A Hurwitz white paper. Inventing the Future. Judith Hurwitz President and CEO. Sponsored by Hitachi

Three proven methods to achieve a higher ROI from data mining

Accenture Interactive Point of View Series. Marketing Analytics Being data smart requires a culture change to realize business benefits

RISK MANAGEMENT AND COMPLIANCE: LOOKING AT THE BIG PICTURE HOW TO IDENTIFY AND MANAGE MONEY-LAUNDERING RISK

How to use Text Mining in Social and CRM to Improve Quality Control and Save Money

Big Data and Security: At the Edge of Prediction

Signal Hub for Wealth Management

Insurance Bureau of Canada

Leverage the Internet of Things to Transform Maintenance and Service Operations

How To Manage Intellectual Property

Being protected Using data analytics to detect fraud

White Paper 7 Questions You Should Be Asking About Your Channel Sales Incentive/Loyalty Program, & The Platform & Services That Power It

Moreketing. With great ease you can end up wasting a lot of time and money with online marketing. Causing

Leveraging Privileged Identity Governance to Improve Security Posture

Forensic Audit Building a World Class Program

Benefits fraud: Shrink the risk Gain group plan sustainability

Internet Advertising: Is Your Browser Putting You at Risk?

ORACLE ENTERPRISE DATA QUALITY PRODUCT FAMILY

Using Data Mining to Detect Insurance Fraud

Essential Conversations Project Inc. Websites Terms & Conditions

Empowering Global Medical Information Teams with Software Solutions

CITIHUB CONSULTING WEBSITE TERMS AND CONDITIONS

Internet Reputation Management Guide. Building a Roadmap for Continued Success

China Intellectual Property Challenges and Solutions: An Essential Business Guide

3 MUST-HAVES IN PUBLIC SECTOR INFORMATION GOVERNANCE

The London School of Architecture Website Terms & Conditions

Neil Meikle, Associate Director, Forensic Technology, PwC

Analyzing Big Data: The Path to Competitive Advantage

Eight Essential Elements for Effective Threat Intelligence Management May 2015

ARCHIVING: A BUYER S CHECKLIST

Without prejudice to the generality of the foregoing paragraph, The Gallery Tattoo Studio does not warrant that:

Determining the Highest Value Leads

THE 2014 THREAT DETECTION CHECKLIST. Six ways to tell a criminal from a customer.

IBM Solution for Pharmaceutical Track & Trace: Supply chain visibility drives overall performance

Insightful Analytics: Leveraging the data explosion for business optimisation. Top Ten Challenges for Investment Banks 2015

Voice of the Customer: How to Move Beyond Listening to Action Merging Text Analytics with Data Mining and Predictive Analytics

An Oracle White Paper October An Integrated Approach to Fighting Financial Crime: Leveraging Investments in AML and Fraud Solutions

Innovation: Add Predictability to an Unpredictable World

decisions that are better-informed leading to long-term competitive advantage Business Intelligence solutions

A Guide to Effective Expense Management Strategies for

Pipeliner CRM Phaenomena Guide Sales Pipeline Management Pipelinersales Inc.

Internet Reputation Management Guidelines Building a Roadmap for Continued Success

Holiday Fraud Myths. How They Leave Retailers Vulnerable

The State of Insurance Fraud Technology. A study of insurer use, strategies and plans for anti-fraud technology

EXPOSING CLICK FRAUD

FIGHTING INTELLECTUAL PROPERTY FRAUD

Customer Relationship Management

How To Protect Yourself From A Threat From Social Media

Enhancing customer-centric strategies. An Experian Data Quality white paper

Should Costing Version 1.1

Security strategies to stay off the Børsen front page

Why Have Intellectual Property?

CSC Best Practice Guide. 10 Steps to Tackling Online Counterfeiting

Top 5 reasons to choose HP Information Archiving

Business Process Services. White Paper. Mitigating Trade Fraud: The Case for Detecting Group Level Fraudulent Activity

Beyond passwords: Protect the mobile enterprise with smarter security solutions

Recognize the many faces of fraud

Service 2 - IPR analysis and survey mini-guide

Loss Prevention Data Mining Using big data, predictive and prescriptive analytics to enpower loss prevention

Four Ways Counterfeit Electronics are Killing Your Profits and Steps to Fight Back A PLAYBOOK FOR THE ELECTRONICS INDUSTRY

Malware isn t The only Threat on Your Endpoints

From Web Analytics to Engagement Analytics

SOLUTION WHITE PAPER. 6 Advantages of a Cloud-Based IT Service Desk By Jeff Moloughney, Principal Solution Marketing Manager, BMC Software

Augmented Search for Software Testing

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Hosted Web Security

Transcription:

The illicit practices of diversion, theft of trade secrets, and counterfeiting pharmaceutical drugs have been estimated to be a $200 billion per year industry. Managing and identifying intellectual property infringement can help leaders maintain a competitive advantage and avoid loss in market share. This presentation will review how OSINT can be used to reduce risk exposure, identify potential loss incidents, and assist in loss recovery efforts. As fraud investigators and other risk management practitioners seek to harness the overwhelming body of information available through OSINT, this session will provide proactive new solutions to use in the field. TYSON JOHNSON, CFE, CPP Director, Global Risk Management, ATS Automation Oakville, ON Tyson Johnson is a well-travelled risk management executive. He has worked in government, global banking, and global manufacturing. Johnson has effectively led investigations in Mexico, Thailand, China, India, Malaysia, as well as throughout North America and Europe. He has been a pioneer in the field of developing Open Source Intelligence (OSINT) programs to support risk reduction, loss prevention, and recovery for the past decade. As a former intelligence officer, Johnson understands the need for strong information collection and analysis to support proactive risk management. Tyson obtained his master s degree from the Fletcher School of International Law & Diplomacy, and has participated in leadership programs including the Governor General s Canadian Leadership Conference. Association of Certified Fraud Examiners, Certified Fraud Examiner, CFE, ACFE, and the ACFE Logo are trademarks owned by the Association of Certified Fraud Examiners, Inc. The contents of this paper may not be transmitted, re-published, modified, reproduced, distributed, copied, or sold without the prior consent of the author. 2013

Let s start by learning a common language so we will be in sync throughout the presentation: Intelligence Cycle While we all intuitively know this cycle, it is worth reviewing for the purpose of this presentation. The basic equation is: Information + Analysis = Intelligence The cycle we must go through involves these stages: Collection of open source information Filtering of the information collected to ensure we have relevant and reliable content for the next stage Analysis of the filtered, relevant content, utilizing inductive reasoning skills to identify the so what from all data Production of insights and inferences that are actionable and proactive in the identification of fraud, fraud avoidance, fraud recovery, or loss reduction Big Data This refers to all content available for research, analysis, and review. Big data consists of both structured and unstructured data, and the goal is for fraud investigators to make sense out of all data. Traditional anti-fraud tools are very good at running analysis on structured content looking for duplicate payees, duplicate addresses, and so on. How do we harvest and tag unstructured content from the Internet (any and all formats) to develop more structured data for analysis? That is what we will cover in this presentation today. Deep Web When a typical search engine is used for searching a term, the engine returns search results based on popularity, page ranking, advertisements, and ultimately all pages that the bots were able to capture 2013 1

from trolling the indexed surface Web. Any content not indexed (i.e., not reachable by a bot and cannot be crawled) is not identified or flagged for you, the investigator. As with an iceberg, the content visible on the surface Web is similar to what we can see above the water line of an iceberg. The Deep Web is an order of magnitude larger than the surface Web and the content remains largely unknown or invisible to typical search engines. Open Source Intelligence (OSINT) This refers to an investigator being able to create actionable insights and inferences from the wealth of related content that exists in the Deep Web. OSINT is the production component of the intelligence cycle. Force Multiplier The ability to harvest content from the Deep Web in a manner that is largely automated and filtered can and does reduce the fraud investigator s burden for collecting and filtering online, open source information. Reducing the time spent collecting and filtering the massive amounts of available online content allows the investigator to focus more time on analysis of filtered results and identifying fraud, and working toward loss reduction and recovery efforts. The term force multiplier also refers to the ability to harvest content on a scale that is otherwise not possible for an investigator or group of investigators (see WebMD slides). Normalizing unstructured content to semi-structured to enable analytics The concept of unstructured content was introduced earlier. Most fraud investigators are familiar with the analytics that can be run on structured 2013 2

data (employee lists, vendor lists, AP/AR lists, etc.). When we harvest from the Deep Web, we are receiving data in many formats and perhaps many languages. For an investigator to be able to run analysis on the data, it must be tagged, tuned, normalized, and enriched so that it is useable semi-structured. This is referred to as data curation. Technology exists that can indeed curate all data collected into a format (content silo) that is searchable and ready for analysis. The Goal: Creating New Intelligence to Identify Fraud, Identify Perpetrators, Aid in Fraud Recovery and Loss Reduction In the slides that follow, we will review case studies in the Big Pharma sector that focus on IP theft and fraudulent, counterfeit, and diverted product, all sold and transacted online. The size and scale of the problems facing Big Pharma from the global online pharmacies (OLPs) and the difficulty in rooting out the OLPs that are fraudulent and harmful to people and companies will be explored. We will also briefly review one case study in the original equipment manufacturing (OEM) space and dissect the problem and solutions to assist with the proactive identification of possible theft, diversion, or counterfeit. Before jumping into the case study reviews, remember that online content is massive, and increasingly it is growing in foreign language content. The ability to extract and translate (machine translation) foreign language content is critical to truly global fraud management programs. Pharmaceutical Fraud Setting the Stage The large pharmaceutical companies spend significant resources on research and development (R&D) to develop 2013 3

new drugs, patent, bring through trials, and eventually receive permissions to sell and provide to the mass market. Reporting indicates that U.S. pharmaceutical companies are losing billions of dollars each year to counterfeiting, IP theft, and diversion of products. The counterfeit drug industry alone is estimated at $200 billion per year to pharmaceutical providers. Online Pharmacies Many of us have read about the prolific growth of OLPs across the world, with Canada presenting a big issue of concern to the United States in this regard. It might surprise you to know that there are currently at least 50,000 OLPs across the world, with many new domains registered each day for new OLPs. The problem with traditional online searching is that it would be impossible to find all OLPs, let alone effectively harvest and compare their online content to determine if it is fraudulent or connected to the other 49,999 OLPs you are looking at. Developing usable OSINT from this methodology is difficult, if not impossible. (Try bookmarking all OLPs and then reviewing each day to see what content is changed or different than the last time you looked, etc.) Running link analysis on all OLPs harvested is now a possibility. The data from the OLP has been curated so that the semi-structured data can look for common themes, such as phone numbers, emails, payment systems, domain addresses (ranges), registrants, and so on. The goal is to be able to identify the hubs that control multiple domains so law enforcement can take down one company but hundreds or thousands of fraudulent OLPs. 2013 4

OEM Trade Board Reviews Another similar problem is the theft of IP, counterfeit, and diversion of products from OEMs in the marketplace. Again, as with pharmaceutical companies, OEMs spend significant resources on developing cutting-edge products and protecting them with patents, hoping to capture market share based on quick time to market and increasing the hurdles for competitors to enter with a similar product. New product launches or pre-production technologies are often met with diverted or counterfeit products that erode pricing models and profits, as well as cause quality and reputational issues for the counterfeit products floating in the market space as belonging to the OEM. Recent media reporting on Hewlett-Packard serves as a case in point. Harvesting technology allows us to continue to harvest products at risk of counterfeit or theft by reviewing the prevalence of certain makes and models of products for sale online. Prolific sellers that are in proximity to manufacturing sites are often indicators of product theft and diversion. The ability to identify such products for sale, within proximity to facilities or key markets, will enable fraud investigators and loss prevention management to get in front of these actions in a near-real-time manner, avoiding potentially months of loss, identifying the internal weaknesses that permit the theft and diversion of products, and so on. 2013 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information