COVID-19, WFH prompts spike in cyberattacks against banks, insurers

Research suggests “open and insecure gaps” are being exploited in financial organizations’ networks.
Written by Charlie Osborne, Contributing Writer

The coronavirus pandemic and working from home (WFH) requirements are causing a "significant" spike in attacks against financial entities, new research suggests. 

On Wednesday, BAE Systems Applied Intelligence released the COVID Crime Index 2021 report, which examined how the remote working model is impacting the banking and insurance industries. 

As the pandemic continues to have a widespread impact, the rapid transition to WFH models -- in some areas -- is being loosened, but many organizations are choosing to either continue allowing staff to work remotely or are adopting hybrid working practices. 

HSBC and JP Morgan, for example, will allow thousands of their employees to stay home for the foreseeable future. 

There are ramifications to WFH trends when it comes to staff satisfaction and productivity. A recent study found that 31% of employees believe they work better from home, but distractions, home life, and existing commitments were cited as issues when it comes to working effectively. 

Security, too, has proven to be a challenge. According to BAE Systems's report, 74% of banks and insurers have experienced a rise in cyberattacks since the start of the pandemic, and "criminal activity" detected by financial entities has risen by close to a third (29%). 

The research is based on two surveys conducted with 902 organizations in financial services and fieldwork in both the US and UK markets, taking place over March 2021. 

The increased threats detected by IT teams are as follows: 

  • Increase in botnet attacks: 35%
  • Increase in ransomware: 35%
  • Increase in phishing attacks: 35%
  • Mobile malware: 32%
  • COVID-related malware: 30%
  • Insider threats: 29%

The report also reveals that 42% of banks and insurers believe the working from home model has made their organizations "less secure" and 44% say remote models have led to visibility problems across existing networks.  

The pandemic has prompted many companies to cut costs whenever they can, and when it comes to cybersecurity, average risk, anti-fraud, and cybersecurity budgets have been slashed by 26% -- leading to 37% of organizations believing their customers are now at a greater risk of cybercrime and fraud. 

Financial losses, perhaps unsurprisingly, are increasing. According to the report, 56% of UK and US banks have experienced such losses, with an average cost of online criminal activity alone reaching $720,000 over the course of the pandemic. 

In a secondary study, BAE Systems focused on the pandemic's cybersecurity ramifications for consumers. In the past year, 28% said they had been sent at least one covid-19-themed phishing email, 22% received scams over SMS, and overall, at least a fifth of consumers have been targeted over 2020 - 2021. 

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Editorial standards