i2 CEO Bob Griffin

With the nation’s debt ceiling looming, it has become clear that members of Congress on both sides of the aisle will not agree to new borrowing unless government spending cuts are included in that authorization. But when it comes to reducing outlays, the programs that make up the lion’s share of spending, and which are also the most contentious – nondiscretionary spending like entitlements and health care – are often put off for another day. If we’re going to have a meaningful, long-term impact on the fiscal well-being of our economy, this can’t continue. Fortunately, we have an option available that can make an immediate difference on one of the biggest budget busters, without eliminating any programs or forcing tough choices – tackling health care fraud by leveraging existing technologies.

Health care-related fraud, including fraudulent Medicare and Medicaid claims, costs taxpayers as much as $100 billion each year. Recently, the U.S. Department of Health and Human Services (HHS) charged 111 people in nine cities, including doctors and nurses, for more than $225 million in false billing. These fraudulent claims increase health care costs for all Americans.

One of the best strategies for fighting this drain may be a surprising one: taking existing technologies that are currently catching criminals, stopping terrorists, and mapping the intricacies of insurgent networks – and leverage them to combat health care fraud.

The challenge is the same for both types of criminal activity: processing and analyzing huge amounts of data to identify patterns, trends and individual criminals. In the case of Medicare and Medicaid, the trillions of transactions that happen every year are particularly ripe to be analyzed. This is because health care claims are essentially pieces of “structured data.” Each claim includes the same basic information, such as diagnosis and treatment, and this type of data lends itself especially well to analysis of fraud patterns.

But the power of these technologies really lies in their scale – identifying patterns based on large amounts of data. The impact and benefit could be exponentially bigger if there was a concerted effort, across agencies and organizations, to scale up the implementation of these tools.

If we cut even half of annual Medicaid and Medicare fraud, we’ll go a long way towards achieving Congress’ target reductions in spending. Moreover, this is a long-term fix, one that will continue to remove costs from the system for decades. 

Seven days a week, 24 hours a day, cutting-edge software and technologies are using data analysis to provide actionable intelligence that is protecting Americans from terrorism.  These technologies can, and should, be employed in a similar fashion to protect our health care system and our government’s fiscal stability for generations to come.

Led by Brian McIlravey, co-CEO of PPM 2000, and i2’s Mark Massop, Director and Solutions Specialist, the webinar demonstrated how the products significantly reduce the time and effort required of analysts to turn routine data into actionable intelligence – the key to any successful investigation.

Whether countering cybercrime, investigating fraud or monitoring terrorist networks, time spent combing through case summaries and databases is time lost as illicit activity continues. By transforming routine information in flat reports into visual elements that can easily be analyzed, i2 and PPM’s combined solutions equip analysts with the tools needed to swiftly navigate data, identify relationships and present actionable intelligence to prevent and/or mitigate incidents.

The integration of these solutions will help customers protect their bottom lines, their reputations and most importantly, their customers.

As White House Cyber Czar Howard Schmidt pointed out at an Infragard Alliance breakfast in late January, the technology and capabilities available on mobile devices are way ahead of the current state of security, presenting a high value target for hackers, criminals and terrorists.

For example, applications like Venmo and Bump facilitate payments from mobile devices by linking to bank and credit card information and transmitting payment data via barcodes on the screen, by infrared or by NFC (near-field communications). Starbucks has already made available to customers its own iPhone payment application.  

“These tools [mobile software apps] have historically weak coding and security practices, and will allow cyber criminals to manipulate a variety of physical devices through compromised or controlled apps,” wrote McAfee Labs in the report, adding that many end users do not realize their mobile devices are full-blown computers and they are connected to a network.

Certainly the implications for consumer fraud are rife. More alarming are potential threats to national security and critical infrastructure. The U.S. Army just announced its intention to equip every soldier with a smart phone, and software maker Indusoft recently introduced a SCADA (Supervisory Command and Data Acquisition) application for iPhone, iPad and Blackberry allowing a wireless mobile interface with computer networks that control such critical infrastructure as energy and water facilities.

Dave Marcus, director of Security Research and Communications at McAfee, suggests that for end users, the best defense against mobile cyber crime is knowing your device, knowing what security settings you should have in place, and most importantly knowing what the applications you are using are actually doing. For instance, while end users may be aware that mobile apps can expose privacy and identity data, many users may not be aware that when they post to social networks, send e-mail or perform other seemingly benign activities, many devices are simultaneously transmitting GPS data so that hackers can instantly learn their physical location in addition to whatever else they may be attempting to do.

A byproduct of Twitter for instance – and other limited text communication environments popular on mobile devices – is tiny urls.  Using hyperlink embedding to transmit a longer potentially malicious URL, they are not as easily recognized by users or security software, and are currently capable of bypassing a wide range web filtering countermeasures.

Cyber criminals are targeting more Apple devices in 2011 as their popularity grows in business environments. The use of Botnets, which have now evolved to be capable of swiping data directly from computers vs. simply hijacking them to send spam, will become a common occurrence on Apple platforms in 2011 according to McAfee.

As technology and utilization continue to leapfrog past security, there are nonetheless progressive tools becoming available to help investigators stay ahead of threats by automating and expediting what was once a largely manual process, one which did not easily allow for the pooling and comparison of data from multiple devices.

 To learn more about these tools, attend the upcoming webinar “Mobile Telephony: The Next Wave in Cyber Crime” on Feb. 9.  For more information, visit www.i2group.com.

“We cannot do it without industry support, and industry can’t do it without our support,” he said. “But by the time a company reaches out to DHS after an attack, the damage is already done.”

Discussions about the importance of a Public Private Partnership – widely recognized as P3 in policy circles and by cyber practitioners – are happening on an almost daily basis.  In light of Gen. Alexander’s statements to Congress, there needs to be an honest discussion about the role of the private sector and how involved they should be with the government in developing processes and solutions.  Discussions about how real the threat is are useless unless it leads to action.  P3 efforts in other areas important to our country’s interest like healthcare and education have been challenging.  While hurdles exist in cyber, collectively, we have an opportunity to get this right. 

However, no one has settled on a viable process or standard for what P3 looks like or how it works. For example, Cyber Command, US-CERT, NSA and DHS all will have a role in working with “critical infrastructure” companies but that has yet to be sorted out regarding where responsibilities lie and exactly what they are going to do. The omnibus answer seems to be coming under the Einstein protective umbrella but not everyone is going to want to do that, and it is not ready yet anyway. 

The central issue revolves around trust.  While the technology is strong and getting better every day at identifying and isolating cyber threats, success with P3 initiatives relies on neutrality and a willingness to share information in a way that can lead to quantifiable results.  Organizations like the National Cyber-Forensics and Training Alliance (NCFTA) and InfraGard – which provide protective security advice to businesses and organizations across the national infrastructure – are building cooperation, collaboration and information sharing models between government and the private sector. 

“Information sharing and collaboration are crucial in attaining cyber threat identification and mitigation,” said Ron Plesco, CEO of the NCFTA.

And just recently, the GAO and DHS issued a report on critical infrastructure protection.   The GAO found that “private sector stakeholders…expect their federal partners to provide usable, timely, and actionable cyber threat information and alerts; access to sensitive or classified information; a secure mechanism for sharing information; security clearances; and a single centralized government cybersecurity organization to coordinate government efforts. However, according to private sector stakeholders, federal partners are not consistently meeting these expectations.”  

At the same time, private companies cannot wait for government action to protect their infrastructure.  They should all have cyber plans in place as part of their business continuity planning.  This involves data preservation, Plan B options to stay in touch with customers and vulnerability assessments to determine what is needed to protect them.

William J. Lynn III, deputy defense secretary, and Air Force General Ken Chilton, head of the U.S. Strategic Command (STRATCOMM, which encompasses the U.S. Cyber Command) warn of these escalating threats from cyber espionage and computer crimes, and encourage greater cooperation between the federal government and private industry. The U.S. CERT (Computer Emergency Readiness Team) has been developing the Einstein project since 2004, an intrusion detection system (IDS) that monitors the network gateways of government departments and agencies for unauthorized traffic.  Currently dubbed Einstein 2, its pending third generation deployment (Einstein 3) will not only monitor but also actively block and prevent cyber intrusions.  Businesses that are at risk can ask to come under the protection of the Einstein program; for the time being Einstein is a start in the right direction in protecting critical infrastructure businesses.

“Einstein 2 is like a 1999 Mustang with a little rust,” said James Lewis, a cyber security expert and senior fellow at the Washington-based Center for Strategic and International Studies. “For some companies it isn’t a big deal, but for others who haven’t done much to secure their networks, it would be a good idea.”

There still exists considerable policy discussion as to who will administer this program to private industry.  One possible choice would be the Department of Homeland Security (DHS). There is no question that this needs to become as high a priority as the decision enabling the U.S. Cyber Command to lead the way for military cyber defense.  The risks to national security with an exposed private sector infrastructure are too high.

For more information about cyber, listen to an on-demand Webcast — “Sharing and Layering in Cyber Investigations“.

Analyst’s Notebook and iBase are now pre-loaded with World-Check’s extensive database of Politically Exposed Persons (PEP’s) and heightened risk individuals and organisations.  The combination prvovides analysts with immediate access to the world’s most widely adopted open source research and the powerful tools they need to analyse the research in the context of a particular project or investigation.

Read the full press release.