By Stefano Virgilli — Cybercrime is one of the biggest enemies for many organisations, and the financial services sector is not an exception. When dealing with cybercrime, the concerned subjects should put in place an infrastructure of dedicated tools and a technology ecosystem that will not only correct the damage from a cyber attack — where possible of course — but also to prevent it from happening in the future.
However, this is easier said than done. Many organisations do not feel the threat of cybercrime, nor believe that it could happen to their organisations. Surprisingly enough, some banks and other organisations of the financial sector belong to that particular group.
Basically, cybercrime is committing traditional crimes, such as theft and fraud by using computers.
Naturally, banks and other financial institutions are primary targets, since the main objective is financial gain.
According to the PWC’s 2014 Global Economic Crime Survey, cybercrime — with 38 per cent in 2011 and 39 per cent in 2014 — is the second most common type of economic crime in the sector of financial services.
Compared to other industries, these numbers are significantly lower, 16 per cent in 2011 and 17 per cent in 2014.
Furthermore, 19 per cent of all of the financial services respondents of the survey are unsure whether or not their organisations are likely to experience cybercrime.
In 2011, only half of the respondents reported that they felt the risk of cybercrime is increasing.
Still, many of the financial services respondents do not believe that cybercrime can happen to their organisation.
This is mainly because severe cases of cybercrime happen rarely and leave dreadful consequences.
Financial sector’s unawareness does not mean that cybercrime has stopped evolving or growing.
Banks’ infrastructure is one of the most affected areas where criminal groups whether create systems that will allow more secure and effective ways of enabling transactions, for instance through a mobile network, or work on massive ATM withdrawals.
There is also the credit card crime, that is common in the US as well as phishing scams that targeted multiple bank customers’ personal computers in Japan.
While performing such activities, criminal groups use many methods from fake pop-up windows and viruses to e-mails that are allegedly sent from the customer’s bank with an intention of receiving personal information.
According to the 2015 Global Cyber Security Index, Oman is ranked third in the world, as one of the most prepared countries for cyber attacks.
Local banks in Oman and all across the GCC are doing an excellent job in constantly reminding customers never to share their home banking login credentials.
Cybercrime is an inevitable threat that requires innovative solutions. When executing the crime criminal organisations are one step ahead of the financial sector, and the lack of awareness among the crucial subjects, like CEOs and CFOs, make cybercrime an even bigger threat.
PWC’s survey found that 40 per cent of all Financial Sector respondents believe that it is unlikely their organisation to experience cybercrime in the next two years, including an alarming 54 per cent of CEOs and 49 per cent of CFOs that declared cyber attacks as ‘unlikely’.
This means that financial organisations should invest in their defence systems as well as in finding ways to be one step ahead of the threats.
However, the first step is to raise awareness about the presence of cybercrime and the importance of having a good defence system, since many of the financial service respondents feel comfortable with the defence system they already have in place. Also, the way these subjects perceive cybercrime needs to change. Because financial organisations are not and will most likely never be immune to cybercrime regardless of the defence systems they have incorporated.
And the need of raising awareness is crucial because cyber crime affects other companies and individuals, in other industries, mainly by exposing sensitive information to criminals.
Aside from the Cyber Crime Law of the Sultanate of Oman that has been issued by His Majesty’s Royal Decree which marked a new era for Oman, the Sultanate has been the host of many conferences concerning the issue of cybercrime, as well as making continual investments and raising awareness by educating.
According to the Annual Report 2015 by the Information Technology Authority (ITA), the Sultanate has been targeted with more than 5 million cyber attacks in 2015.
The ITA (Information Security Division prevented more than 4.8 million attacks against government networks and more than 398,000 attacks against government portals. The report witnesses that Oman’s measures and systems that prevent cyber crime are effective.