Cybercrime and the Financial System
The financial sector is synonymous with cybercrime in many ways; it's all about the money. Fraud, bank account theft, money laundering, personal data breaches, and terrorist funding are some attack types affecting financial institutions. The financial sector is a critical infrastructure and a prime target for cybercriminals. This is borne out by the fact that according to the Financial Conduct Authority (FCA), in 2017 there was an 80 percent increase in cyber-attacks against financial institutions. The report 2017, Cost of Cybercrime Study by Accenture and the Ponemon Institute found that financial services had higher costs associated with cybercrime than any other sector. In the UK, economic losses due to fraud stand at £705.7 million for the first half of 2018.
The many facets of financial cyber-attacks have revealed themselves over the years. Over the last five years, severe incidents have hit the financial sector. This includes the data breach in 2017 at payday lender Wonga, which affected 270,000 people. The attack involved over 146 million people, 15 million of them in the UK, resulting in a significant share price drop for Equifax. It also saw Equifax fined £500,000 in the UK, "the maximum amount before the GDPR was enacted in 2018.
When banks design their journeys toward a unified operating model for financial crime, fraud, and cybersecurity, they must probe questions about processes, people and organization, data and technology, and governance. Most banks begin the journey by closely integrating their cybersecurity and fraud units. As they enhance Financial crime and fraud in the age of cybersecurity information sharing and coordination across silos, greater risk effectiveness and efficiency become possible. To achieve their target state, banks redefine organizational lines and boxes and, even more importantly, the roles, responsibilities, activities, and capabilities required across each line of defense.
Most have yet to fully unify the risk functions relating to financial crimes, though a few have attained a deeper integration. A leading US bank set up a holistic center of excellence to enable end-to-end decision-making across fraud and cybersecurity. The bank can point to significant efficiency gains from prevention to investigation and recovery. A global universal bank has gone all the way, combining all operations related to financial crimes, including fraud and AML, into a single global utility. The bank has attained a more holistic view of customer risk and reduced operating costs by approximately $100 million.
As criminal transgressions in the financial-services sector become more sophisticated and breakthrough traditional risk boundaries, banks are watching their various risk functions become more costly and less effective. Leaders are, therefore, rethinking their approaches to take advantage of the synergies available in integration. Ultimately, fraud, cybersecurity, and AML can be consolidated holistically based on the same data and processes. However, most benefits are available in the near term by integrating fraud and cyber operations.
Non-State Actors and the Financial Market
North Korea is an emerging actor overall, but it could fall into the established category of cybercrime. During the past decade, the North Korean government has sponsored cyber operations of increasing sophistication aimed at financial gain for the regime and intelligence collection. They have also used cyber-attacks to signal displeasure for perceived slights to the power. Across this range of motives, the North Koreans have shown a higher risk tolerance for aggressive cyber activity than other emerging actors.
The North Korean regime has used cyber means to acquire funds to avoid international sanctions since at least 2015. The vast sums stolen in multiple operations spanning years suggest this country may fall in the established category in our framework, at least in cybercrime. Their success likely stems partly from North Korean cyber actors' adroit exploitation of technological trends. They have taken advantage of security weaknesses in financial institutions, the difficulty of tracing cryptocurrencies, and global money laundering networks.
According to press reports in early, North Korea has used cyber operations to steal as much as $2 billion to generate income and sidestep United Nations (UN)-imposed sanctions. A criminal complaint was lodged in June 2018 by the US Department of Justice (DOJ) against North Korean actor Park Jin Hyok. In August 2019, that detailed a still-unpublished UN report investigating at least 35 reported instances of DPRK actors attacking financial institutions, cryptocurrency exchanges, and mining activity designed to earn foreign currency in some 17 countries, according to the same press report. Transfer in February 2016 of $81 million from the Bangladesh Bank and in computer intrusions and cyber heists having attempted losses of over $1 billion from 2015 to 2018. A South Korean intelligence agency in early 2018 reportedly informed South Korea's National Assembly of North Korean involvement in the heist in January 2018. Despite North Korea as success with cyber-enabled theft, the global Wannacry malware outbreak in May 2017 highlights the potential dangers of unintended consequences from cyber operations employing virulent software exploits.
North Korea is not connected to the global financial system. Then how they gain financially remains a question that needs to be answered. The current scenario regarding the international financial market, cybercrime, and the role of non-state actors highlights prioritisation of cyberdiplomacy for the cybersecurity of the financial sector. We will also understand if innovation in financial transactions is causing an issue that conventional banks and financial institutions must pay attention to.