State of Financial Crime 2023 Report
If there’s one pain point that stands out in the ComplyAdvantage State of Financial Crime 2022 report, it’s cybercrime. Our annual survey of 800 compliance professionals globally asked firms about their biggest compliance-related pain points (Figure 1) – 45% said cyber security, making this the most popular answer.
But why is concern about cybercrime so high, and what can compliance teams expect through 2022? Here are three key takeaways:
Remote and hybrid working patterns are driving a rise in cybercrime trends
In 2020, firms were grappling with the impact of COVID-19 as it happened, with fraud related to stimulus and furlough programs a key concern. However, as businesses began to adjust to the long-term impacts of the pandemic, this changed. When asked for the top predicate offenses they are screening against in 2020, 61% cited fraud amid widespread reporting about fraudulent activity related to COVID-19 relief funds. By 2021, cybercrime statistics showed the percentage of respondents citing fraud dropped dramatically to 37%. Instead, cybercrime was listed as the most important predicate offense firms are screening against, followed by tax crime (Figure 2).
The proliferation of remote and hybrid working models is a critical driver of this trend. Recent findings from KuppingerCole and HP Inc. confirm that the number of global cyberattacks increased 238% during the pandemic — and that remote workers are a prime target for hackers. Given that over 70% of employees are accessing more customer, operational, financial and HR data from home now than before the pandemic, and more and more are using their work devices for personal activities, it’s easy to see why.
Cybersecurity trends show ransomware attacks are soaring
In 2021, ransomware attacks proved to be a low-cost, high-return method for extorting funds from individuals and businesses alike. As this trend shows no sign of abating in 2022, it is imperative that firms know how to mitigate against ransomware with the appropriate software, systems, and protocols.
Over 304 million attacks were reported worldwide during the first half of 2021. That is equal to the number of attacks that occurred throughout all of 2020. The United Nations Office on Drugs and Crime (UNODC) noted that the digitization of society, alongside the pandemic, had contributed to a 600% rise in cybercrime trends in Southeast Asia. It states that ransomware in particular has “skyrocketed”, and is now the most prominent malware threat.
Many of the targets have been high-profile, such as the attack that hit the Metropolitan Police Department in Washington, DC, in April 2021 and the two carried out against Colonial Pipeline and the global beef manufacturer, JBS, the following month. In May, four subsidiaries of an insurance company in Thailand, Malaysia, Hong Kong and the Philippines were hit with a $20 million ransomware attack. In July, the cybercrime group REvil attacked the software provider Kaseya, hijacked the systems of over 200 companies, and demanded over $70 million in bitcoin in return for decryption keys — the largest ransom to date. In September, a Malaysian web-hosting service was targeted by a ransomware attack in which a $900,000 payment was demanded in cryptocurrency. Thailand has also seen computer systems in its hospitals and companies encrypted and blocked.
Further, while some entities, such as the Metropolitan Police Department, have refused to pay the ransom — a decision that resulted in the release of sensitive departmental data — others have capitulated to the hackers’ demands. Colonial Pipeline, for example, paid $4.4 million. Just over half ($2.3 million) was recovered a month later.
The rising frequency and severity of ransomware attacks prompted the Financial Crimes Enforcement Network (FinCEN) to issue an advisory on how to mitigate against ransomware, published in November 2021, which details new trends and typologies. Among other insights and cybercrime statistics, the US financial intelligence unit noted that cybercriminals often use wide-scale phishing and targeted spear-phishing campaigns. These prompt individuals to download malicious software, exploit remote desktop protocols and software vulnerabilities, and host malicious code on otherwise legitimate websites.
Cybercrime statistics highlight cyber warfare is fuelling geopolitical conflicts
Cyber attacks are becoming a central pillar in geopolitical conflicts around the world, enabling states to cause chaos and disruption without the use of military force.
The clearest example of this is North Korea (DPRK). It is estimated that the DPRK has a 6,000 member cyberwarfare guidance unit “to conduct financial cybercrime… and exploit enemy network vulnerabilities.” The US and UN estimated that the DPRK has stolen $3.2 billion through cybercrime, including the theft of military information for use in the country’s weapons program and extortion through ransomware. The DPRK has also been suspected of involvement in stealing crypto, and laundering the proceeds through crypto exchanges. The country has even been found to have attempted a phishing attack on UN sanctions experts. While many of the program’s experts are located in Pyongyang, it is thought that parts of the program are operated out of China and parts of Southeast Asia.
In 2022 cybersecurity trends are also likely to play an enhanced role in growing tensions between the US and China. Analysts expect tighter restrictions on the export of critical technologies to China. Measures could include export controls, the screening of outbound investment to China and the closing of regulatory loopholes, including, for example, one that currently allows Chinese semiconductor maker SMIC to continue purchasing critical US technology.
Finally, in Ukraine, where almost 100,000 Russian troops have amassed at the Ukrainian border, there are concerns that an invasion is imminent. This could manifest as a direct conflict, or as a ‘“hybrid war”’ built around information campaigns and cyber attacks on systems and infrastructure.
With these cybercrime and cybersecurity trends in mind, it is essential that firms boost their cyber defenses and practice cyber hygiene. They must have strong cyber security controls and have implemented business continuity and resiliency plans. Firms should also familiarize themselves with the typologies identified by FinCEN and build these into their controls. They should be especially mindful of cyber security risks in ‘hotspot’ countries and industries, such as those highlighted.
Originally published February 18, 2022, updated February 18, 2022
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2023 IVXS UK Limited (trading as ComplyAdvantage).