COVID-19 Rattles Banks and Insurers as Security Budgets Are Slashed
Financial institutions in the US and UK cut security budgets by a quarter last year and saw cybercrime and fraud activity rise by about the same amount during the pandemic, according to new research from BAE Systems Applied Intelligence.
The British cybersecurity and risk management firm engaged Atomik Research to poll nearly 1000 banks and insurers and 2000 consumers in the US and UK back in March, in order to better understand the impact of COVID-19 on the industry.
It found that three-quarters (74%) of responding organizations experienced a rise in cybercrime since the start of the pandemic, with botnet attacks (35%), ransomware (35%), phishing (35%), mobile malware (32%), COVID-related malware (30%) and insider threats (29%) particularly common.
Although there’s no direct link between the two, the research revealed that budgets were cut by around the same amount (26%) as cybercrime increased (29%).
With the pandemic and budget cuts also came a surge in financial losses from cybercrime, growing 56% over the past 12 months to reach $720,000 on average.
Two-thirds (42%) of responding organizations said they felt remote working made them less secure, while a similar number (44%) claimed it had made it harder to gain visibility into potential network blind spots.
“We’re noticing a clear collaboration emerging between different groups of criminals across the wider landscape of serious and organized crime. Fraudsters and cyber-criminals seek to exploit fear, uncertainty and change, and the pandemic has offered them new opportunities to probe for weaknesses they can monetize and new ways to disguise their activity” said BAE System Applied Intelligence head of cyber, Adrian Nish.
“Attackers are building increasingly advanced capabilities to target core banking systems and becoming more aggressive, harming victims’ ability to respond to attacks. Online criminals have reacted fast, adapting their approach to hunt out remote working security gaps and prey on the vulnerable.”
Despite the pressures COVID-19 has put on cyber and fraud teams inside banks and insurers, there are opportunities to differentiate by improving customer outreach, education and protection, the report found.
More than half (53%) of consumers surveyed argued that it is the job of the banks to protect them, versus 40% that said it was their own responsibility. The same number (53%) said banks or credit card providers could provide more guidance on how to stay safe from cybercrime.