COVID Crime Index 2021 Report highlights pandemic-related security threats

Image courtesy BAE Systems
 
A huge jump in new pandemic-related threats, alongside a rise in challenges caused by enforced work from home guidance, is leaving open and insecure gaps in FIs’ networks. The findings released today within The COVID Crime Index 2021 analyses the changing nature and impact of fraud, risk and cyber threats on UK and US FIs and consumers over the last 12 months.
 
According to the index, which surveyed 902 organisations in the financial services sector, three-quarters (74%) have experienced a rise in cyber crime since the pandemic began, with 42% of banks and insurers revealing the remote working model has made them less secure. Just under half (44%) were also concerned that this has led to less visibility of potential holes in their network or infrastructure and a further 37% of FIs believe their customers are now at greater risk of cyber crime or fraud.
 
Adrian Nish, Head of Cyber at BAE Systems Applied Intelligence, commented: “We’re noticing a clear collaboration emerging between different groups of criminals across the wider landscape of serious and organised crime. Fraudsters and cyber criminals seek to exploit fear, uncertainty and change, and the pandemic has offered them new opportunities to probe for weaknesses they can monetise and new ways to disguise their activity.”
 
“Attackers are building increasingly advanced capabilities to target core banking systems and becoming more aggressive, harming victims’ ability to respond to attacks. Online criminals have reacted fast, adapting their approach to hunt out remote working security gaps and prey on the vulnerable.”
 
Financial losses and budget cuts making it harder for financial institutions to protect customers
The monetary impact of online criminal activity since the start of the pandemic has also been significant. The index found that 56 % of US and UK banks and insurers saw an upsurge in financial losses over the last 12 months – the average cost reaching US$720,000 and rising.

Despite this growing problem, IT security teams are feeling further pressure from decreased budgets and team redundancies. On average, budgets within IT security, cyber crime, fraud and risk departments have been slashed by a quarter (26%) and 40% have had to cut back on critical IT security technology spend. Alongside this, more than a third (36%) have had to reduce the number of people in IT security teams over the past 12 months.

Customers exposed to a spike in pandemic-related threats and it’s costing them
A secondary study as part of the index surveyed consumers to explore the personal impact of these increased attacks and found a fifth of consumers have been targeted at least once in the past year. More than a quarter (28%) said they had been sent an email hoax relating to COVID-19, with 22% also being targeted by text or SMS. Even when refunded, the average amount of money stolen by cyber criminals was US$1,174. For those who didn’t see their money again, the average money lost was a significant US$743.
 
A secondary study as part of the index surveyed consumers to explore the personal impact of these increased attacks and found a fifth of consumers have been targeted at least once in the past year. More than a quarter (28%) said they had been sent an email hoax relating to COVID-19, with 22% also being targeted by text or SMS. Even when refunded, the average amount of money stolen by cyber criminals was US$1,174. For those who didn’t see their money again, the average money lost was a significant US$743.
 
A spike in online shopping due to the pandemic has also driven increasing cyber crime. More than a quarter (26%) said they had bought something from a fraudulent site in the past 12 months and never received their goods. This has led to concerns over sharing data, with 84% of consumers worried about their digital identity and personal information online.
 
More than half (53%) of those surveyed believe it is the job of the banks to protect them, compared with 40% that believed it was their own responsibility. The same amount (53%) said banks or credit card providers could provide more guidance to consumers on how to behave online to be better protected from cyber crime.