The number of cyber-enabled fraud has shot up over 1000 percent, according to a new report by KPMG.
The firm's Fraud Barometer report recorded a rise in online frauds, up 1266 percent on 2015 figures. This includes a £113 million cyber-fraud, the largest recorded in UK Courts since 2008. Overall, cyber-crime cost the UK £124 million.
The overall fraud figure has topped £1.137bn in 2016 compared to £732m the year before. Consequently, the average value of fraud has more than doubled to £5.2 million from £2.4 million. The figures include over £900 million derived from just seven super cases.
“The surge in super cases, from £250 million last year, may be a reflection of fraud becoming a more lucrative and practical proposition for those with the right skills and technology, or those in senior commercial roles,” according to KPMG.
The report highlighted the £113 million case that involved fraudsters cold-calling prospective victims while posing as the security department of banks and tricking victims into handing over online banking details.
Hitesh N Patel, UK Forensic Partner at KPMG said that both public and private organisations openly acknowledge that cyber-attacks are one of the most prevalent and high-impact risks they face, and yet many operate on the basis “it won't happen to me”.
“Organisations must keep abreast of the cyber-threats, both physical and digital, to ensure the protection mechanisms don't become obsolete given the pace of technology and business change. You can have variety of IT protections in place to defend yourself, but it's all for nothing if you are tricked into giving away the keys to the electronic vault,” he said.
Ilia Kolochenko, CEO of web security firm High-Tech Bridge, told SC Media UK that what is particularly alarming is the rise of small online fraud committed by teenagers and people with almost no technical skills.
“Street crime is dangerous and can easily and often lead to imprisonment, while online crime is very expensive and challenging to investigate and to prosecute. If a robber takes a gun and robs a bank – he risks being shot by the police, so why not take a keyboard and rob an online bank? The risks are much lower, while the profit is higher,” he said.
“The global economy is actually in a very bad shape, and many people just don't have a way to feed their kids apart from committing crime. Many of them will consider cyber-crime as an easy way to get money and avoid punishment.
“I think in the near future we will face a significant growth in cyber-crime and online fraud that does not require any particular technical skills from the offenders, nonetheless the police will fail to detect and prevent it. The law enforcement agencies should urgently be given additional financial and human resources to fight skyrocketing cyber-crime, otherwise the future of our society is questionable,” he added.
Jamie Moles, principal security consultant at Lastline, told SC that the problem is the tip of the iceberg.
“There are a number of factors contributing to the issue and jurisdiction is one of the main problems, but it isn't all bad news - the National Crime Agency works with its counterparts in other countries around the world to bring criminals to justice who are involved in cyber-crime,” he said.
“I am of the opinion, however that financial crimes affecting consumers in this country are not taken seriously anymore - not since the banks and police decided that card crime was no longer worthy of serious investigation. Now if you report a stolen/cloned card or identity theft it becomes an insurance matter for the banks and you are largely automatically refunded and given a crime reference number. The insurance companies pay up, the police get another incident to add to their statistics but beyond that what actual action is taken against the criminals?
Moles added that with this as a foundation for our banking system and the issues facing the police who try to do detective work across international borders and the Internet it's certain that this problem will only get worse.
“However cooperation between police agencies and security services is, I believe, unlikely to reduce in this area because of Brexit. Interagency cooperation isn't dependant on membership of the European Union and all governments concerned will likely strive to work together to defeat crime and terrorism despite any political differences.”
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout