Financial institutions (FIs), such as banks and insurance providers, are reporting significantly increased threat levels from COVID-related cybercrime, according to a research by BAE Systems Applied Intelligence.
A huge jump in new pandemic-related threats, alongside a rise in challenges caused by enforced work from home guidance, is leaving open and insecure gaps in FIs’ networks. The findings analyze the changing nature and impact of fraud, risk and cyber threats on UK and US FIs and consumers over the last 12 months.
According to the index, which surveyed 902 organizations in the financial services sector, 74 percent have experienced a rise in cybercrime since the pandemic began, with 42 percent of banks and insurers revealing the remote working model has made them less secure. 44 percent were also concerned that this has led to less visibility of potential holes in their network or infrastructure and a further 37 percent of FIs believe their customers are now at greater risk of cybercrime or fraud.
Adrian Nish, Head of Cyber at BAE Systems Applied Intelligence, comments: “We’re noticing a clear collaboration emerging between different groups of criminals across the wider landscape of serious and organized crime. Fraudsters and cybercriminals seek to exploit fear, uncertainty and change, and the pandemic has offered them new opportunities to probe for weaknesses they can monetise and new ways to disguise their activity.”
He continues, “Attackers are building increasingly advanced capabilities to target core banking systems and becoming more aggressive, harming victims’ ability to respond to attacks. Online criminals have reacted fast, adapting their approach to hunt out remote working security gaps and prey on the vulnerable.”
Financial losses and budget cuts making it harder for FIs to protect customers
The monetary impact of online criminal activity since the start of the pandemic has also been significant. The index found that 56 percent of US and UK banks and insurers saw an upsurge in financial losses over the last 12 months – the average cost reaching $720,000 and rising.
Despite this growing problem, IT security teams are feeling further pressure from decreased budgets and team redundancies. On average, budgets within IT security, cybercrime, fraud and risk departments have been slashed by 26 percent and 40 percent have had to cut back on critical IT security technology spend. Alongside this, 36 percent have had to reduce the number of people in IT security teams over the past 12 months.
Customers exposed to a spike in pandemic-related threats and it’s costing them
A secondary study as part of the index surveyed consumers to explore the personal impact of these increased attacks and found a fifth of consumers have been targeted at least once in the past year. 28 percent said they had been sent an email hoax relating to COVID-19, with 22 percent also being targeted by text or SMS.
Even when refunded, the average amount of money stolen by cybercriminals was $1,174. For those who didn’t see their money again, the average money lost was a significant $743.
A spike in online shopping due to the pandemic has also driven increasing cybercrime. 26 percent said they had bought something from a fraudulent site in the past 12 months and never received their goods. This has led to concerns over sharing data, with 84 percent of consumers worried about their digital identity and personal information online.
53 percent of those surveyed believe it is the job of the banks to protect them, compared with 40 percent that believed it was their own responsibility.
53 percent said banks or credit card providers could provide more guidance to consumers on how to behave online to be better protected from cybercrime.