-
It was only a few short years ago smartphones started appearing in people's hands in significant numbers and yet almost immediately the way we communicate has transformed. This has brought both astounding benefits and increased risks.
Barriers between countries and people have come down. We can now effortlessly talk to overseas colleagues, friends or family members via videoconferencing, use crowdsourced language translations via the internet or create a simple game app which achieves over 2 billion downloads – an industry in its own right. Almost anything is possible.
"Just as criminals move quickly to take advantage of the ever-evolving reach of digital, organisations must enhance their response."
Steve Glynn, Guy Boyd and Damian McMeekin, Global head of information security, Global head of financial crime and Head of group security at ANZ.This technology has enabled so much positive change to our lives but there have been unintended consequences. Raw footage is uploaded to social media faster than news agencies can report. Rumour is now often circulated before facts and messages lost.
For business, just as we use technology to easily connect within and between organisations, criminals do too. The frequency and types of this cybercrime are numerous. So how can we adapt, respond and maintain trust in the new digital world?
BIG BUSINESS
We know from recent examples like Silk Road that cyber-criminal enterprise is big business and that key to this business is social connectivity. Social media can connect malware developers to criminal 'clients' and enable the criminal to learn about their target organisation through employee posts.
Criminals are now just as connected and technology-enabled as organisations are and in some cases have more to gain. Is it a risk we need to be worried about? And if it is, what can organisations do?
In 2014, the New York Times devoted more than 700 articles related to data breaches after publishing fewer than 125 the previous year. Our recent BlueNotes disruption special looked at the increasing prominence of cybercrime and concluded that this is more than just an increasing trend.
Cyber-enabled crimes are the new reality and organisations need to adapt accordingly.
WEAK POINTS
So how do organisations typically experience cyber-attacks? Mandiant, cyber security experts, indicate that 95 per cent of all successful data breaches (a form of cyber-attack) are a result of phishing emails.
These fake, malicious emails are not new and yet the success of this very common technique continues. Consider this for a moment, who questions an email from a law enforcement agency stating that you have been fined for speeding - “Click here to download your speeding fine"?
Cyber Facts
- 40 per cent of the world's people have access to the internet, and there are 7.3 billion active mobile phones.
- Social Media provides enormous exposure and opportunities with:
- 1.44 billion on Facebook
- 289 million on Twitter
- 540 million on Google+
- 364 million LinkedIn users.
- Costs arising from cyber-attacks are increasing, with the average cost to an organization quoted at 1.46 million pounds.
- On average Phishing campaigns receive their first 'click' within one minute. Effective training can reduce the likelihood of a successful phishing attack to less than 5 per cent.
- Australian Payments Clearing Association has seen a 33 per cent increase in card fraud to 58.8c per $A1000 spent in 2014, costing $A387 million. Ninety four per cent of this increase is a result of card not present fraud (online, phone and or by mail).
- In the first six months of 2015, the Australian Competition and Consumer Commission (ACCC) have reported $A45 million lost to scams.
Would you click on the link? What if you were in a rush, checking emails between meetings on your mobile device?
Unfortunately, research shows that a large percentage of employees in a typical organisation will open a phishing link. It only takes one employee to put an organisation at risk.
With criminals becoming increasingly tech-savvy, it is possible to attack a large number of potential victims with minimal outlay or technical ability.
This shift has also been observed when you look at the fraud statistics recently published by the Australian Payments Clearing Association. In 2014, aligned with global trends, Australia has seen an increase in “card not present" fraud (online, phone and or by mail) now costing the banking industry $299.5 million per year.
More and more criminal enterprises are launching targeted fraud campaigns against new technologies.
Examples of email hijacking, where corporations are tricked into paying fake instead of legitimate suppliers using fabricated email instructions further show the sophistication of criminals. Criminals are improving their efficiency and scale.
TRUST
Given all this, how do organisations adapt, respond and maintain trust? Just as criminals move quickly to take advantage of the ever-evolving and expanding reach of digital, organisations must enhance speed and flexibility in both their risk-management strategies and incident-management responses.
Organisations must not only be innovative and timely in their take up of new technology and digital product offerings but must also ensure they educate their customers, staff and business partners in the risks associated with technology.
Increased partnerships and information-sharing across private and public organisations and industry groups is crucial to promote further awareness and facilitate trust.
The motivation to commit crimes haven't really changed people still want money, power and notoriety but the tools to achieve these aims have shifted and we need to adapt our thinking and respond accordingly. It's an opportunity to look for new ways to build and maintain trust in a digital world.
Steve Glynn is global head of information security, Guy Boyd is global head of financial crime and Damian McMeekin head of group security at ANZ.
The views and opinions expressed in this communication are those of the author and may not necessarily state or reflect those of ANZ.
- 40 per cent of the world's people have access to the internet, and there are 7.3 billion active mobile phones.
EDITOR'S PICKS
-
There is no doubt digital is the future and customers want the convenience and speed it provides – not just in banking but many services. But the convenience and revolution of digital comes with the risk of cybercrime. This will be a digital war and humans remain the weakest link – meaning training and education are critical.
2015-07-02 13:33 -
'Silicon Valley is coming' says JP Morgan.
2015-07-02 13:07 -
We're all fascinated by how radically technology may change our lives in the future. From the smartphone to driverless cars to 3D printing we're constantly rethinking how gadgets might make daily life easier.
2015-07-01 12:48