Fighting Cyber-Enabled Fraud 2025

Page 18 of 31 · WEF_Fighting_Cyber-Enabled_Fraud_2025.pdf

← Prev Next → Download original PDF
When prevention and protection measures fail and digital infrastructure is abused, rapid detection and coordinated response become critical. Effective defence requires coordination among hundreds of organizations generating threat intelligence and hundreds more positioned to act – from security vendors and financial institutions to domain registrars and hosting providers. Yet no single organization can maintain bilateral relationships at the required speed and scale, creating a many-to- many coordination problem. Diverse networks have emerged to address this challenge. Industry-specific platforms such as the Financial Services Information Sharing and Analysis Center (FS-ISAC) and NetBeacon Reporter63 for domain names standardize abuse reporting within sectors. Law enforcement networks including Europol’s SIENA64 and INTERPOL’s cybercrime platforms65 facilitate intelligence exchange across jurisdictions. Cross-sector collaborations such as the APWG’s eCrime Exchange66 and the Global Signal Exchange enable real-time sharing of threat signals by technology and cybersecurity providers. Throughout the mobile communications industry, the GSM Association (GSMA)-run Telecommunication ISAC and High-Risk Number platform provide real-time means of exchanging fraud information.67 Government programmes – from citizen reporting to public–private frameworks – extend intelligence and enforcement capacity. These platforms demonstrate how signal sharing multiplies force against coordinated criminal operations. However, the ecosystem remains fragmented across organizational and jurisdictional boundaries. Government initiatives typically operate nationally; ISACs serve specific sectors; cross-sector collaboratives reach only participating members. Intelligence stays siloed due to interoperability gaps at multiple levels: inconsistent technical formats, divergent taxonomies and ontologies, variable trust between platforms and incompatible legal agreements. While standards such as Structured Threat Information Expression (STIX), Trusted Automated Exchange of Intelligence Information (TAXII) and Malware Information-Sharing Platform (MISP) enable technical exchange, semantic and governance barriers persist. Without more interoperable frameworks and clearing-house mechanisms that span technical, semantic and trust layers, critical intelligence falls through the gaps – slowing responses, limiting systemic impact and preventing those best positioned to act from receiving actionable signals.A call to scale and modernize signal sharing and abuse response Addressing these coordination and interoperability challenges requires action in three dimensions: establishing shared standards and expectations for abuse reporting and intelligence exchange; building trust frameworks that enable responsible and active participation; and deploying advanced detection capabilities that match the scale of modern threats. Action 7 – Establish signal sharing as a core industry standard: Signal sharing must become an established expectation and interoperable industry standard – underpinned by clear legal and governance frameworks that enable the responsible exchange of actionable intelligence across sectors and jurisdictions. Affected intermediaries, such as online platforms and financial institutions, should be legally authorized and incentivized to cooperate against scams and fraud based on well-governed indicators of suspicious activity. This includes the ability to share relevant information – such as account or infrastructure data – with government agencies and trusted partners for the narrow, legitimate purpose of detecting and preventing fraud. As part of this effort, “trusted reporter” programmes can enhance the efficiency and reliability of abuse reporting. Under these programmes, organizations grant priority handling to reporters who consistently demonstrate accuracy and credibility, often through low false-positive rates and established one-to-one relationships. Such mechanisms illustrate how signal sharing can evolve from isolated exchanges into structured, high-trust partnerships that accelerate collective prevention and mitigation efforts. Policy-makers should ensure that national and international legal frameworks explicitly permit privacy-preserving signal sharing between the public and private sectors, recognizing fraud prevention at scale as a matter of public interest. Clear safeguards and oversight mechanisms must protect the rights of individuals while enabling faster collective action against organized criminal networks. Establishing this shared foundation would transform fragmented initiatives into a cohesive, systemic defence capable of matching the scale and sophistication of modern online fraud.2.3 Mitigation Fighting Cyber-Enabled Fraud: A Systemic Defence Approach 18
Ask AI what this page says about a topic: