Peter Van Crombrugge, are the days of cyber-criminals and fraudsters counted?

After a long career at Europol and Belgium Federal Police as a Lead Intelligence Analyst, and since news began to spread that a technology called iDETECT helps organisations to defeat the most sophisticated forms of threats, Peter, hasn’t had much time to himself. As Chief Analytics Officer and Co-founder of iDETECT he travels and works extensively in the EMEA region. It was just about time to meet him.

After a long career at Europol and Belgium Federal Police as a Lead Intelligence Analyst, and since news began to spread that a technology called iDETECT helps organisations to defeat the most sophisticated forms of threats, Peter, hasn’t had much time to himself. As Chief Analytics Officer and Co-founder of iDETECT he travels and works extensively in the EMEA region. It was just about time to meet him.

  • You have 25 years of experience in security and 20 years in the intelligence and law enforcement area, are criminals and cyber-criminals very different?

Traditional criminals and cyber-criminals are today closely related. Cybercrime is just part of the crime circle, a way of making money, spying, or hacking valuable information. Danger and criminals lurk behind every physical and virtual corner. With today’s prevalence of technologies, few motivated individuals have effectively demonstrated to be capable to defeat large organizations.

The people behind these groups can be information technology experts, geeks, idle teenagers, or highly structured criminal or even terrorist organizations. On the one hand, the threat of attacks on critical infrastructure like power plants and transport grids can basically become the nightmare of security engineers and law enforcement agencies. On the other hand, such risks opened the door for sometimes an unbalanced reaction from authorities.

That’s why I think it is good that there’s now an international debate about mass surveillance due to the Edward Snowden leaks. People gradually start to realize that the internet can be both a beautiful and scary place, and that ultimately data protection and individual liberties are essential.

  • Why did you choose to leave Europol for iDETECT ?

I wanted to translate the skills I developed into the Law Enforcement sector to the more entrepreneurial existence of the private sector. Only by becoming a part of the iDETECT story I could fulfill my passion for technology. I wanted to provide the market with the tools to mine big data and discover the kind of crime typologies that could not be found before, as that is unquestionably one the major challenges of this 21st century. On top of this, creating a tool like iDETECT has the benefit of giving back to the community in terms of crime reduction.

  • Are intelligence analytics skills similar to those required to be detective ?

Intelligence analysts work to protect national security and economic well-being as well as to detect and prevent serious organized crime, such as drug trafficking or child exploitation. Intelligence analysis is used to provide insights that can drive or support law enforcement investigations, operations and strategy, as well as supporting government policy and decisions.
Detectives piece together individual bits of physical and testimonial evidence to recreate how and why crimes happened. A detective’s work ends once the case is handed over to prosecutors or to its clients.

If both jobs have common aspects and require somehow similar analytical skill sets they are different in their very nature. Something is however certain; nowadays these professions require a good knowledge of Information and Communication Technology.

  • Why did you choose to specialise in anti-fraud ?

I specialized in Anti-Fraud, but also Anti-Money Laundering, Counter-Financing Terrorism, Market Abuse, and all the matters related to FININT (Financial Intelligence), which is really an area of interest for me. The market into this area is also obviously quite wide. However, this is not the only intelligence domain, in which we are active, and obviously OSINT (Open Source Intelligence), COMINT (Communication Intelligence) and HUMINT (Human Intelligence) ….
In today’s big data world, FININT involves scrutinizing an extremely large volume of transactional data. Consuming data from a wide variety of sources without volume and velocity constraints is becoming crucial. We are the forefront of such technologies, GARTNER recently identified iDETECT technology as being among the few global players being capable of providing what they call “canned analytics” and “advanced data exploration” features in the fraud and security area. Every day we are achieving the vision that we defined years ago “always being at the forefront of crime analytics”.

Another interesting trend is the recent record penalties imposed on financial institutions: almost $9 billion for BNP Paribas and 1.9 billion for HSBC due to breaches of sanctions and anti-money laundering rules. This has created an unprecedented regulatory stress. On a side note, this is somehow interesting to notice that all these companies got systems in place for years and that, indirectly, such event show the limitations of first generation detection technologies.

  • Is Luxembourg a special place for your type of business?

Luxembourg is a financial place which is quickly evolving now. 2015 will be a turning point and I think it starts to be well understood by all players. As a company, we got the support from the Ministry of Economy that really helped us to move forward – the Grand Duchy is definitely one of the best places to be for our type of technology companies. However, in Europe, the need and confidence demonstrated in innovative information technology is not yet what one can see happening in emerging or high growth countries.

  • It often seems that criminals are always one step ahead, are detection and predictive analytics the secret weapon in IT ?

Criminals will have a hard time with technologies like iDETECT. Such technology can integrate key structured and unstructured data sources collected from any type of IT system and the open source world into a data repository that enables sub-second querying of trillions of records at petabyte scale. The challenges created by our hyper-connected society and the explosion of data and social networks are consequently effectively tackled.

  • In 25 years of experience, attacks and protections have evolved, what is your view ?

In the virtual world of cyber criminality, there is no physical frontier separating two camps. The line of demarcation between friend and foe passes through the very heart of an organization, through the same company, and sometimes through its employees. For instance, hacktivist activities span many political ideals and issues and sometimes terrorist messages. From a constructive form of anarchic civil disobedience, or an undefined anti-systemic gesture, it can signal anticapitalist or political protest with sometimes unclear motives. In such asymmetric environments where strategy, power, or tactics differ significantly, it is necessary to comprehensively put into perspective all actions performed by the attacker — through a complete so-called “gridding” using all sources of information available. Standard security processes have demonstrated to fail nearly systematically in facing intelligent and organized criminals, as recently when the Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses.

  • Concerning attacks impacting online money transactions, how do you see the Anti-Fraud trends with the emergence of mobile payments and virtual currencies?

We are quite active in the area of money transfer and mobile payments. This is where high volume, speed and accuracy and nextgen technologies are at stake. With the proper use of modern technology such goals can be effectively achieved and avoid the trouble into which a regular approach must inevitably—perhaps fatally—run when it is committed to fight modern asymmetric risks

Some financial institutions working with outdated detection methods reach a level of false detections close to 60% percent!. With real-time money transfers and remittances or virtual currencies such as bit coins, nobody can accept such approximations without consciously jeopardizing its core business. This is the fundamental difference between what was still acceptable 3 to 5 years ago and today’s new needs..