Wall Street Reports Increase In PC Intrusions In '07
On Thursday, Security Fix featured an exclusive look at data pulled from an unreleased government report showing a steep increase in the amount of funds that banks, businesses and consumers lost last year due to computer hacking and malicious software attacks. Today, I'd like to highlight recently released figures, which show that trading giants on Wall Street also have grappled with a significant rise in computer intrusion-related fraud during that same period.
In the first half of 2007, companies involved in managing securities and futures trades reported a 47 percent increase in the number of fraudulent or suspicious transactions attributed to computer break-ins, according to data released last month by the Financial Crimes Enforcement Network (FinCEN). Financial institutions are required to file suspicious activity reports (SARs) when a suspected fraudulent or illegal transfer of funds exceeds $5,000.
According to FinCEN, trading institutions filed more computer intrusion-related securities fraud reports in the first half of 2007 than they reported in all of 2006. Unlike the FDIC report, however, the FinCEN report did not say how much of the total SARs filed by the securities and futures businesses were related to computer intrusions, nor did it attempt to hang an average dollar loss on each report.
Of the five or so other data points called out in that section of the FinCEN report was this item:
"Suspicious Activity Reports filed by members of the securities and futures industries characterizing the suspicious activity type as 'Identity Theft' increased 104 percent from the corresponding six month period in 2006."
Identity theft, which first appeared as a category on the government's suspicious activity report list at the same time as "terrorist financing" (July 2003), has continued to rise as a reported violation - now ranks 8th, after originally debuting as number 20, FinCEN wrote.
The report doesn't provide any guesses as to what factors might be responsible for those notable increases. But hers's my take: Cyber crooks are going after and compromising online stock trading accounts just as they are online banking accounts. What's more, a fairly hefty rise in the volume of fraudulent "pump-and-dump" stock spam/scams may also explain some of the spikes.
These data sets about fraud are hardly comprehensive, but sadly they are about the only real numbers available. If you know of other reliable sources of data on the impact of cyber crime to U.S. consumers and businesses, please drop a note in the comments below, or send me an e-mail.
By Brian Krebs |
February 22, 2008; 9:40 AM ET
Fraud
, From the Bunker
, Misc.
, U.S. Government
Previous: Banks: Losses From Computer Intrusions Up in 2007 |
Next: How Not To Write a 'Geek Wanted' Ad
We encourage users to analyze, comment on and even challenge washingtonpost.com's articles, blogs, reviews and multimedia features.
User reviews and comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions.