Newsroom

COVID Cyber Crime: 74% of Financial Institutions experience significant spike in threats linked to COVID-19

COVID Cyber Crime: 74% of Financial Institutions experience significant spike in threats linked to COVID-19
The COVID CRIME INDEX 2021 REPORT shares research into the key challenges or factors that have hindered or impacted financial institutions and their customers over the last 12 months (March 2020 to March 2021). It provides global data and insights from IT security, risk and fraud teams, as well as consumers, along with commentary and recommendations from BAE Systems Applied Intelligence experts.
  • Three-quarters (74%) of banks and insurers experienced rise in cyber crime since the pandemic began
  • IT security, cyber crime, fraud or risk department budgets had been cut by almost a third (26%) in the past 12 months
  • This mirrors the criminal activity detected by financial institutions that had risen by (29%) since the start of the pandemic
  • 42% of FIs said that the remote working model due to COVID-19 makes them less secure
 
Financial institutions (FIs), such as banks and insurance providers, are reporting significantly increased threat levels from COVID-related cyber crime according to new research by BAE Systems Applied Intelligence, the cyber and intelligence arm of BAE Systems.
 
A huge jump in new pandemic-related threats, alongside a rise in challenges caused by enforced work from home guidance, is leaving open and insecure gaps in FIs’ networks. The findings released today within The COVID Crime Index 2021 analyses the changing nature and impact of fraud, risk and cyber threats on UK and US FIs and consumers over the last 12 months*.
 
According to the index, which surveyed 902 organisations in the financial services sector, three-quarters (74 per cent) have experienced a rise in cyber crime since the pandemic began, with 42 per cent of banks and insurers revealing the remote working model has made them less secure. Just under half (44 per cent) were also concerned that this has led to less visibility of potential holes in their network or infrastructure and a further 37 per cent of FIs believe their customers are now at greater risk of cyber crime or fraud.
 
Adrian Nish, Head of Cyber at BAE Systems Applied Intelligence, comments: “We’re noticing a clear collaboration emerging between different groups of criminals across the wider landscape of serious and organised crime. Fraudsters and cyber criminals seek to exploit fear, uncertainty and change, and the pandemic has offered them new opportunities to probe for weaknesses they can monetise and new ways to disguise their activity.”
 
He continues, “Attackers are building increasingly advanced capabilities to target core banking systems and becoming more aggressive, harming victims’ ability to respond to attacks. Online criminals have reacted fast, adapting their approach to hunt out remote working security gaps and prey on the vulnerable.”
 
 

Financial losses and budget cuts making it harder for financial institutions to protect customers


The monetary impact of online criminal activity since the start of the pandemic has also been significant. The index found that 56 per cent of US and UK banks and insurers saw an upsurge in financial losses over the last 12 months – the average cost reaching $720,000 USD and rising.

Despite this growing problem, IT security teams are feeling further pressure from decreased budgets and team redundancies. On average, budgets within IT security, cyber crime, fraud and risk departments have been slashed by a quarter (26 per cent) and 40 per cent have had to cut back on critical IT security technology spend. Alongside this, more than a third (36 per cent) have had to reduce the number of people in IT security teams over the past 12 months.

 

Customers exposed to a spike in pandemic-related threats and it’s costing them


A secondary study as part of the index surveyed consumers to explore the personal impact of these increased attacks and found a fifth of consumers have been targeted at least once in the past year. More than a quarter (28 per cent) said they had been sent an email hoax relating to COVID-19, with 22 per cent also being targeted by text or SMS. Even when refunded, the average amount of money stolen by cyber criminals was $1,174 USD. For those who didn’t see their money again, the average money lost was a significant $743 USD.
 
A secondary study as part of the index surveyed consumers to explore the personal impact of these increased attacks and found a fifth of consumers have been targeted at least once in the past year. More than a quarter (28 per cent) said they had been sent an email hoax relating to COVID-19, with 22 per cent also being targeted by text or SMS. Even when refunded, the average amount of money stolen by cyber criminals was $1,174 USD. For those who didn’t see their money again, the average money lost was a significant $743 USD.
 
A spike in online shopping due to the pandemic has also driven increasing cyber crime. More than a quarter (26 per cent) said they had bought something from a fraudulent site in the past 12 months and never received their goods. This has led to concerns over sharing data, with 84 per cent of consumers 
worried about their digital identity and personal information online. 
 
More than half (53 per cent) of those surveyed believe it is the job of the banks to protect them, compared with 40 per cent that believed it was their own responsibility. The same amount (53 per cent) said banks or credit card providers could provide more guidance to consumers on how to behave online to be better protected from cyber crime.
 
ENDS
 
COVID Crime Index 2021 Report

Download our latest research

The Covid Crime Index 2021: What was the true cost to Financial Services and consumers?
Find out more
 
 
Notes to editors
*Report Methodology: The report findings are based on two recent surveys conducted with 902 organisations within the Financial Services sector, predominantly banks and insurers, as well as consumers among 2,003 respondents aged 18+. The research fieldwork took place on 3rd March – 10th March, 2021. These were carried out in both the US and UK markets by Atomik Research, an independent creative market research agency that employs MRS-certified researchers and abides to MRS code. 

A breakdown of key stats
Financial institutions key findings
  • 74% of Financial Institutions (FIs) have experienced a rise in cyber crime in last 12 months
  • Percentage of FIs that have experienced a rise in threats: 
           -  Increase in botnet attacks  35%
           -  Increase in ransomware  35%
           -  Increase in phishing attacks  35%
           -  Mobile malware   32%
           -  COVID-related malware  30%
           -  Insider threats  29%
  • 56% of FIs have seen a rise in financial losses associated to fraud or cyber crime in last 12 months
  • 74% of FIs have stated that this is linked to COVID-19
  • 42% of FIs said that the remote working model due to COVID-19 makes them less secure
  • Budgets across IT security, cyber crime, fraud or risk departments have been cut by 26%
  • 40% of FIs have had to cut back on critical IT security technology spend
  • 37% of FIs believe that their customers are at greater risk of cyber crime or fraud
  • 77% of FIs remain concerned about the ongoing growth of pandemic-related cyber crime in coming 12 months
 
Consumer key findings
  • 38% of consumers have been a victim of cyber crime or online fraud in the past 12 months at least once, with 24% twice, 15% three times
  • 28%, the highest proportion, said they had received an email hoax relating to COVID-19 and 22% received a text / SMS hoax
  • The average amount of money stolen was £852 (refunded to them) and £539 (not refunded to them)
  • 84% of consumers are concerned about sharing their digital identity and personal information
  • 26% of respondents attempted to buy from a fraudulent site and didn’t receive items
  • 59% of respondents said they reported cyber crime or fraud to the bank
  • 53% said banks or credit card providers could provide more guidance on how to protect themselves online
  • 56% of consumers want bank to be more honest and transparent about how much cyber crime they experience
  • 84% said they would consider how the best cyber crime protection when changing or choosing a FI provider
 
About BAE Systems Applied Intelligence 
At BAE Systems Applied Intelligence, we help nations, governments and businesses around the world defend themselves against cyber crime, reduce their risk in the connected world, comply with regulation, and transform their operations. For further information about BAE Systems Applied Intelligence, please visit www.baesystems.com/ai
 
For further information or to view the report or data research, please contact:
 
For UK:
Nick Haigh, BAE Systems
M: +44 (0) 7525 3909782
E: nick.haigh@baesystems.com
 
For North America:    
Brad Grantham, BAE Systems 
M: (919) 519-8528
E: brad.grantham2@baesystems.com

Issued by:
BAE Systems plc
Media hotline: +44 (0) 7801 717739
www.baesystems.com
@BAESystemsplc